HAProxy - NGinx - Wordpress (SSL)


#1

Hi,

I am replacing httpd by Nginx on my platform (httpd, Nginx and wordpress), but I have a problem blocking.

My architecture is as follows:

INTERNET --------https------> HAPROXY (SSL) -------> http ------> NGinx -------> Wordpress.

I have installed / configured haproxy and nginx. Both work and my site is in HTTPS. SSL is managed by HAProxy and Nginx does not do SSL.

Now I downloaded and unzipped wordpress. To follow the installation, I went to the homepage from an internet browser and problems begin.

On the homepage for installing wordpress, CSS and java scripts are not loaded whereas the same architecture works with httpd instead of NGinx.

any idea?

My configurations:

#####HAProxy

frontend https-in
bind X.X.X.X:443 ssl crt /etc/pki/certs
mode http
option httplog

    acl my_site hdr(host) -i mon.site.fr
    use_backend wp if my_site 

    rspadd  Strict-Transport-Security:\ max-age=15768000

backend wp
mode http
option http-server-close
option forwardfor
http-request add-header X-Forwarded-Proto https if { ssl_fc }
server wp_1 X.X.X.X:8080

#####NGinx

server {
listen *:8080;
server_name mon.site.fr;

 root /var/www/html/site1;

 access_log /var/log/nginx/site1.access.log;
 error_log /var/log/nginx/site1.error.log;

 location / {

   index index.php index.html;
   try_files $uri $uri/ /index.php?$args;
 }

 if (!-e $request_filename) {
   rewrite ^.*$ /index.php last;
 }

 location = /favicon.ico {
   log_not_found off;
   access_log off;
 }

 location = /robots.txt {
   log_not_found off;
   access_log off;
   allow all;
 }

 location ~ /\. {
   deny all;
 }

 location ~* /(?:uploads|files)/.*\.php$ {
   deny all;
 }

 location ~* \.(html|css|js|png|jpg|jpeg|gif|ico|svg|eot|woff|ttf)$ {
   expires max;
   log_not_found off;
 }

 location ~ \.php$ {

   try_files $uri =404;
   fastcgi_pass unix:/var/run/php70-fpm.mon.site.fr.sock;
   fastcgi_index index.php;
   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
   fastcgi_param SCRIPT_NAME $fastcgi_script_name;
   fastcgi_buffer_size 128k;
   fastcgi_buffers 256 16k;
   fastcgi_busy_buffers_size 256k;
   fastcgi_temp_file_write_size 256k;

   include fastcgi_params;
 }

}

http {
log_format main ‘$remote_addr - $remote_user [$time_local] “$request” ‘
’$status $body_bytes_sent “$http_referer” ‘
’"$http_user_agent" “$http_x_forwarded_for”’;

access_log  /var/log/nginx/access.log  main;

sendfile            on;
tcp_nopush          on;
tcp_nodelay         on;
keepalive_timeout   65;
types_hash_max_size 2048;

include             /etc/nginx/mime.types;
default_type        application/octet-stream;

include /etc/nginx/sites-enabled/*.conf;

# Real IP
set_real_ip_from X.X.X.X;
real_ip_header X-Forwarded-For;

gzip on;
gzip_disable "msie6";

gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;

}

Thanx