In this article we list steps of basic Nginx configuration, in PROXY mode, with SSL. Nginx works as SSL terminator and proxies all requests to Apache port 80. In this recommended mode SSL certificate has to be installed in advance via cPanel SSL function.
In order to improve web site loading speeds for our shared cPanel customers, RedyHost implemented high performance stack using Nginx.
Nginx works in two different modes, allowing to proxy requests to Apache (and cache static files) or to serve PHP scripts directly, bypassing slower Apache web server completely. In both cases Nginx supports Google's famous mod_pagespeed module, allowing to compress and minify web page size. mod_pagespeed is configured in core filters mode to avoid compatibility issues with different CMS and website types. Core filters proven to work great for 99.99% of use cases, reducing page size and number of connections for up to 3x times.
By default, for all new accounts, Nginx is configured in Proxy mode.
To access Nginx configuration
- login to cPanel and click Nginx link
Configuring a domain in Nginx Proxy mode with SSL
In such configuration we recommend that you disable any SSL redirection functions in Apache. Apache will listen on port 80 and no SSL functions or redirects should be enabled in Apache, .htaccess file or in plugins of your website.
Drupal specific instructions
If you run Drupal, we recommend to disable securepages module. For Drupal 7, add the following to your settings.php file
$conf["https"] = TRUE;
$base_url = "https://[your-website-full-url]"; // Do not add / at the end.
If you have redirection to
www. in your
.htaccess file, make sure the
$base_url variable includes
www. in the URL of your website.
Configuring Nginx as SSL terminator in Proxy mode
- Click Nginx link (see above)
- Select domain to manage and click Configure button
- Accept the default options in the next page and click Submit button
- Ensure Backend type shows Apache (default). You can enable or disable mod_pagespeed option.
4.1. Nginx cache is disabled
4.2 Nginx cache is enabled
#FF0000;">- Do not select apache_SSL backend type, to avoid triple SSL encryption and decryption between Apache and Nginx.
#FF0000;">- Do not select redirect backend type to avoid infinite redirect loop
- Check your website is operational via SSL (https://yourdomain.com). To reconfigure Nginx, click the N logo in the top left corner
To configure non-SSL to SSL redirect (port 80 to port 443)
- Navigate to the beginning of Nginx configuration by clicking the Nginx logo (top left corner)
- Select non-SSL domain and click Configure button
- Ensure the Auto option is selected in the next page and click Submit
- Select PROXY as the backend type and click PROCEED button
- Select configuration template 'Nginx redirect http to https' and click GENERATE button
- Confirm your website redirects from http to https and no redirect loop occurs.