Wordpress inside docker container behind nginx proxy with ssl

Question

I alm facing a problem on my server configuration, and I can't figure out what am I doing wrong.

So I have a nginx proxy like this :

server {
    listen *:443 ssl;
    ssl_certificate /root/software/keys/mywebsite.keys/mywebsite.crt;
    ssl_certificate_key /root/software/keys/mywebsite.keys/mywebsite.key;

    server_name www.mywebsite.com mywebsite.com;

    access_log /var/log/nginx/mywebsite.access.log;
    error_log /var/log/nginx/mywebsite.error.log;

    root /srv/new-website;
    index index.html index.htm index.php;

    location  / {
        proxy_redirect          off;
        proxy_set_header        Host            $host;
        proxy_set_header        X-Real-IP       $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        client_body_buffer_size 128k;
        proxy_connect_timeout   90;
        proxy_send_timeout      90;
        proxy_read_timeout      90;
        proxy_buffers           32 4k;
        proxy_set_header X-Forwarded-Proto https;
        proxy_pass http://127.0.0.1:8082;
    }
}

My container is listening on port 8082 in my docker-compose.yml file :

version: '2'

services:
    websites:
        build: 
            context: ./dockerfiles/                                        
            args:                                                                      
                MYSQL_ROOT_PASSWORD: MyPassword
        volumes:
            - ./logs:/var/log
            - ./html:/var/www
            - ./mysql-data:/var/lib/mysql
        ports:
            - "8082:80"

Inside my container, I am installing nginx, with this configuration :

server {
    listen *:80;

    server_name www.mywebsite.com mywebsite.com;

    access_log /var/log/nginx/mywebsite.access.log;
    error_log /var/log/nginx/mywebsite.error.log;

    root /var/www/mywebsite;
    index index.html index.htm index.php;

    # WordPress single blog rules.
    # Designed to be included in any server {} block.

    # Uncomment the code below to use htpasswd authentication
    #location ~* (wp-login)\.php$ {
    #    auth_basic            "Administrator Login";
    #    auth_basic_user_file  /full/path/to/.htpasswd;
    #}

    # This order might seem weird - this is attempted to match last if rules below fail.
    # http://wiki.nginx.org/HttpCoreModule
    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    # Add trailing slash to */wp-admin requests.
    rewrite /wp-admin$ $scheme://$host$uri/ permanent;

    # Directives to send expires headers and turn off 404 error logging.
    location ~* ^.+\.    (ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
       access_log off; log_not_found off; expires max;
    }

    # Uncomment one of the lines below for the appropriate caching plugin (if used).
    #include global/wordpress-wp-super-cache.conf;
    #include global/wordpress-w3-total-cache.conf;

    location ~ [^/]\.php(/|$) {

        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;

        fastcgi_index index.php;
        include fcgi.conf;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}

I alos configured my woordpress site with inside the wp-config.php

define('FORCE_SSL_ADMIN',   true);
define('FORCE_SSL_LOGIN',   true);
define('FORCE_SSL_CONTENT', true);

And changed the url inside the databse with the correct url https://www.mywebsite.com

My proble is, I've got the ERR_TOO_MANY_REDIRECTS problem. The proxy seems to work well, since I have some nginx logs inside the container :

[20/Mar/2017:10:50:17 +0100] "GET /wp-login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36"

Thanks all for the help you can provide.

EDIT 1 :

So I continue on my problem, and probably find some answers. The problem seems to be on wordpress, and not on the proxy configuration.

If I add :

define('WP_CACHE', true); // Added by W3 Total Cache
echo 'test';exit();

inside the wp-config.php, my website is loaded with my correct certificate, and eveything is working well. So my problem seems to be on wordpress, which is looping on https, but I can't figure out why. I will try to debug step by step.

Mayous · Accepted Answer · 2017-03-20 18:38:49Z

16

Finally, I found the solution. The reverse proxy was working well. The problem was in the wordpress configuration which is waiting for $_SERVER['HTTPS'] = 'on'. But as I am working on nginx inside my container, wordpress keep redirecting the website on HTTPS.

So I just set $_SERVER['HTTPS'] = 'on'; at the top of wp-config.php and that's it.

Hope this can help sometime.

answered Mar 20, 2017 at 18:38

Mayous

2,1683 gold badges15 silver badges19 bronze badges

Sign up to request clarification or add additional context in comments.

1 Comment

flks Over a year ago

Life saver! Also, a fastcgi_param HTTPS 'on'; in the nginx configuration for PHP files works good

GreensterRox · Accepted Answer · 2017-03-20 11:17:56Z

1

You are getting too many redirects because you're listening on 443:

listen *:443 ssl;

And redirecting to 443

proxy_set_header X-Forwarded-Proto https;

Remove this line from your nginx.conf:

proxy_set_header X-Forwarded-Proto https;

answered Mar 20, 2017 at 11:17

GreensterRox

7,2702 gold badges29 silver badges34 bronze badges

1 Comment

Mayous Over a year ago

Thanks for your answer. I found this line in another question, so I added it for testing. I just removed it but still have the 302 problem...

Cogwizzle · Accepted Answer · 2017-06-05 12:27:44Z

0

Just had a similar problem setting everything up. Below is an example YAML file that worked for me.

version: '2'

services:

  wordpress:
    image: wordpress
    ports:
      - 8080:80
    environment:
      WORDPRESS_DB_PASSWORD: MyPassword
      VIRTUAL_HOST: example.com # replace with real domain
      LETSENCRYPT_HOST: example.com # replace with real domain
      LETSENCRYPT_EMAIL: [email protected] # replace with real email

  mysql:
    image: mysql:5.7
    environment:
      MYSQL_ROOT_PASSWORD: MyPassword

  nginx-proxy:
    image: jwilder/nginx-proxy
    container_name: nginx-proxy
    ports:
      - 80:80
      - 443:443
    volumes:
      - /etc/certs:/etc/nginx/certs:ro
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - /etc/nginx/vhost.d
      - /usr/share/nginx/html
    labels:
      com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"

  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: letsencrypt
    volumes:
      - /etc/certs:/etc/nginx/certs:rw
      - /var/run/docker.sock:/var/run/docker.sock:ro
    volumes_from:
      - nginx-proxy

answered Jun 5, 2017 at 12:27

Cogwizzle

5504 silver badges14 bronze badges

1 Comment

Surendra Patil Over a year ago

I am getting "502 Bad Gateway" on https

Collectives™ on Stack Overflow

Wordpress inside docker container behind nginx proxy with ssl

3 Answers 3

1 Comment

1 Comment

1 Comment

Your Answer

Hot Network Questions

Collectives™ on Stack Overflow

3 Answers 3

1 Comment

1 Comment

1 Comment

Your Answer

Sign up or log in

Post as a guest

Related