Bypass SSL on localhost when hitting nginx status

Question

I have a location for /nginx_status, and I installed an SSL cert last night.

server {
    listen 443;
    ...
    location /nginx_status {
        stub_status on;
        access_log off;
        allow 127.0.0.1;
        deny all;
    }
}

This was working pre-cert installation when it was still on port 80. Now, I have redirects in place to redirect www.domain.tld and domain.tld traffic to https e.g.

server {
        listen 80;
        server_name domain.tld;
        return 301 https://domain.tld$request_uri;
}

server {
        listen 80;
        server_name www.domain.tld;
        return 301 https://domain.tld$request_uri;
}

I'm using graphdat-relay to monitor nginx stats, and now curl http://127.0.0.1/nginx_status just gets the redirect page e.g.

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.6.2</center>
</body>
</html>

How do I tell nginx to bypass SSL and allow /nginx_status locally only?

score 12 · Accepted Answer · answered Oct 10 '14 at 12:30

Add a special server for this that only listens on the local host.

server {
    listen 127.0.0.1:80;
    listen [::1]:80;
    ...
    location /nginx_status {
        stub_status on;
        access_log off;
        allow 127.0.0.1;
        deny all;
    }
}

Bypass SSL on localhost when hitting nginx status

1 Answers1