Using Node.js, LAMP(Wordpress), Nginx & Ssl(https) on the same server(Ubuntu) & configurations

My goal was using Node.js & LAMP(Wordpress) together on the same Ubuntu server over https. This blog demonstrates my Nginx and Wordpress configuration. I'll explain step by step to what I did.

But before my configurations, I want you to see final situtation of my server.

Port 3000 ---> Node-Server (Which is actually my main app)
Port 4000 ---> Apache-Server (Which runs Wordpress app)

The main idea is to use my Wordpress application as a sub route of my Node.js app.

For example;

https://www.domain.com/ + anyPath ---> Goes to my Node.js App
https://www.domain.com/PATH-TO-WORDPRESS-HOME ---> Goes to my Wordpress App

also I want to redirect all the http paths to https.

So let's begin.

Step 1: Routing http to https on Nginx

As I said before my Node application was running on port 300. This is actually my main application. I used Nginx to reroute my port 3000 to 443 for https.

For achieving this, inside etc/nginx/sites-enabled/default

...
server {  
    listen 80;
    server_name localhost;
    location / {
        rewrite ^/(.*) https://domain.com/$1 permanent;
    }
}
...

So this part is basically redirect requests http://domain.com/etc to the https://domain.com/etc.

Step 2: Using Node.js on port 443

Let's configure the 443 port redirect to port 3000 which runs Node.js app. To achieve this inside etc/nginx/sites-enabled/default

...
server {  
      listen       443 ssl;
      server_name  localhost;
      ssl_certificate /PATH/TO/YOUR/CRT;
      ssl_certificate_key /PATH/TO/YOUR/KEY;

      location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
      }
}
...

Now we ran Node.js application run on https.

Step 3: Routing PATH-TO-WORDPRESS-HOME to Apache server on Nginx

We redirected all http routes to https that we did on first and second section.

But still https://domain.com/PATH-TO-WORDPRESS-HOME leading us to Node.js application. So let's redirect our wordpress route to wordpress application.

inside etc/nginx/sites-enabled/default and 443 server block

...
server {  
      listen       443 ssl;
      server_name  localhost;
      ssl_certificate /PATH/TO/YOUR/CRT;
      ssl_certificate_key /PATH/TO/YOUR/KEY;


      /// WE ADD THIS ON STEP 3 ///
      location ^~ /PATH-OF-WORDPRESS-HOME/ {
          proxy_pass         http://localhost:4000;
          proxy_redirect     off;
          port_in_redirect off;
          proxy_set_header   Host $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header   X-Request-URI    $request_uri;
      }
      ///


      location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
      }
}
...

Now if you browse http://domain.com/PATH-TO-WORDPRESS-HOME you'll get redirect to https://domain.com/PATH-TO-WORDPRESS-HOME . But you'll notice some scripts,styles and images doesn't work. This is because wordpress configuration. But before wp-config let's do the same for wp-includes/ and wp-content/ inside nginx configuration. So your wordpress application sources will streamed from port 4000.

This is the FINAL Nginx configuration.

server {  
    listen 80;
    server_name localhost;
    location / {
        rewrite ^/(.*) https://domain.com/$1 permanent;
    }
}

server {  
      listen       443 ssl;
      server_name  localhost;
      ssl_certificate /PATH/TO/YOUR/CRT;
      ssl_certificate_key /PATH/TO/YOUR/KEY;

      location ^~ /PATH-OF-WORDPRESS-HOME/ {
          proxy_pass         http://localhost:4000;
          proxy_redirect     off;
          port_in_redirect off;
          proxy_set_header   Host $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header   X-Request-URI    $request_uri;
      }
    location ^~ /wp-content {
          proxy_pass         http://localhost:4000;
          proxy_redirect     off;
          port_in_redirect off;
          proxy_set_header   Host $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header   X-Request-URI    $request_uri;
    }
    location ^~ /wp-includes/ {
          proxy_pass         http://localhost:4000;
          proxy_redirect     off;
          port_in_redirect off;
          proxy_set_header   Host $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header   X-Request-URI    $request_uri;
    }
      location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
      }
}

Step 4: Configuration for wp-config.php

As the last step we should configure wp-config.php file which is located in Wordpress route.

You'll see the following code part inside wp-config.php

define('WP_HOME','http://domain.com/');  
define('WP_SITEURL','http://domain.com/');  

You should change it to

define('WP_HOME','/PATH-OF-WORDPRESS-HOME');  
define('WP_SITEURL','/');  

To be honest I'm not an expert of Wordpress and dont know what these definition does in Wordpress. But if you want to fix your content urls(like wp-content/ or wp-includes/) you should change them like this.

After all they should all work fine.

Between making these changes dont forget to restart your nginx service on your server. Otherwise your new configurations wont work.

Dont hesitate to contact me if you have any question.