By apstone
I have an SSL through cloudflare, and i have uploaded it to /var/ssl/ssl.pem and /var/ssl/ssl.key. I changed the folder permissions to chmod 700 /var/ssl.
I can access my site via http://165.227.182.40/ and http://aaronstone.io/ but not https://aaronstone.io/
sudo ufw status returns:
WARN: / is group writable!
Status: active
To Action From
-- ------ ----
22 LIMIT Anywhere
443 ALLOW Anywhere
80 ALLOW Anywhere
443/tcp ALLOW Anywhere
22 (v6) LIMIT Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)
80 (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
netstat -atn shows
Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:60484 127.0.0.1:3306 ESTABLISHED tcp 0 0 165.227.182.40:22 63.131.219.239:58963 ESTABLISHED tcp 0 0 127.0.0.1:3306 127.0.0.1:60484 ESTABLISHED tcp 0 316 165.227.182.40:22 63.131.219.239:58846 ESTABLISHED tcp 0 0 127.0.0.1:60486 127.0.0.1:3306 ESTABLISHED tcp 0 0 127.0.0.1:3306 127.0.0.1:60486 ESTABLISHED tcp6 0 0 :::80 :::* LISTEN tcp6 0 0 :::22 :::* LISTEN
My NginX config is as follows:
server {
listen 80;
listen [::]:80;
# SSL configuration
#
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /var/ssl/ssl.pem;
ssl_certificate_key /var/ssl/ssl.key;
root /var/www/html/;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
server_name aaronstone.io www.aaronstone.io;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
#try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php$is_args$args;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php7.0-cgi alone:
#fastcgi_pass 127.0.0.1:9000;
# With php7.0-fpm:
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.