Nginx config - restarts but site down

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
anners2honduras.org
I ran this command:
systemctl restart nginx
It produced this output:
restarted but site down
My web server is (include version):
nginx 1.18.0
The operating system my web server runs on is (include version):
amazon linux 2
My hosting provider, if applicable, is:
AWS
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 1.3.0

I used the certbot-dns-route53 plugin as I wanted a wildcard cert. Seems to have worked OK. Changed the owner of the certs to nginx as that is the nginx process. Left the permissions as they were. This is the nginx.conf I am trying (only thing changed is anything “managed by Certbot”):

server {
listen 80;
listen 443 ssl; # managed by Certbot
server_name anners2honduras.org *.anners2honduras.org;

root /var/www/html/;
	
ssl_certificate /etc/letsencrypt/live/anners2honduras.org/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/anners2honduras.org/privkey.pem; # managed by Certbot
	
    ssl_session_cache shared:le_nginx_SSL:1m; # managed by Certbot
    ssl_session_timeout 1440m; # managed by Certbot
	
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # managed by Certbot
    ssl_prefer_server_ciphers on; # managed by Certbot
	
ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384 DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA DHE-RSA-AES128-SHA256 DHE-RSA-AES256-SHA256 EDH-RSA-DES-CBC3-SHA"; # managed by Certbot
	
   if ($scheme != "https") {
   return 301 https://$host$request_uri;
    } # managed by Certbot
	
    location / {
    index index.php index.html index.htm;
    try_files $uri $uri/ /index.php?$args;
	}
	
location ~ \.php$ {
try_files $uri =404;
    fastcgi_pass   127.0.0.1:9000;
    fastcgi_index  index.php;
    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    include        fastcgi_params;
fastcgi_read_timeout 1200;
    }

    # Add trailing slash to */wp-admin requests.
    rewrite /wp-admin$ $scheme://$host$uri/ permanent;

    # Directives to send expires headers and turn off 404 error logging.
    location ~* ^.+\. (ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
    access_log off; log_not_found off; expires max;
    }
	
    location ~ ^/\.user\.ini {
    deny all;
    }
 
 location ~ /wp-content/cache/page_enhanced.*gzip$ {
    gzip off;
    types {}
    default_type text/html;
    add_header Content-Encoding gzip;
    }

#error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   html;
    }

    }

I can restart nginx, but it kills the site. Have tried it with both http:// and https://. Any help appreciated.

1 Like

What’s the error message in the nginx log? It’s just a guessing game now.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.