Tag Archives: Nginx

Add Charset to css and js files

I noticed that my css and js files were being served without the charset in the content type…

content-type: text/css;

It should be (source)…

content-type: text/css; charset=UTF-8

Per Domain

To resolve this, log in to Plesk, navigate to your domain, click Apache & nginx Settings, scroll down to Additional nginx directives and add…

charset UTF-8;
charset_types text/plain text/css text/xml application/json application/manifest+json application/javascript application/rss+xml image/svg+xml;

As you can see, you can just list the file types as you would for gzip_types.

Server-wide

You can also apply this server-wide by creating a file in /etc/nginx/conf.d and adding the same directives I mentioned in the previous step.

# nano /etc/nginx/conf.d/charset.conf

Adding…

charset UTF-8;
charset_types text/plain text/css text/xml application/json application/manifest+json application/javascript application/rss+xml image/svg+xml;

You then just need to restart Nginx and you are done.

# systemctl restart nginx

Updated to add server-wide and image/svg+xml.

Secure Redirects in Plesk

More and more sites are only available via https, and now that the Let’s Encrypt extension is available in Plesk 12.5 it’s even easier to make your site secure. As such I thought it would be a good time to write this guide.

This guide assumes…

    • You have already set up your SSL Certificate in Plesk for your domain,
    • You are using Apache (FastCGI or FPM) and Nginx is serving static files,
    • You want your site to be https only, redirecting all http requests to https,
    • You have set the preferred domain in Plesk to www.domain.tld

Apache

I’ll start with Apache. Browse to your domain in Plesk and click on Additional Apache & Nginx settings. Under Additional directives for HTTP, use this redirect…

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,QSA]
</IfModule>

And Additional directives for HTTPS…

<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
</IfModule>

If you use Plesk’s built-in SEO Safe redirect (preferred domain) from domain.tld to www.domain.tld, you will need to turn this off and add the following in the Additional HTTPS directives…

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^domain\.tld$ [NC]
RewriteRule ^(.*)$ https://www.domain.tld$1 [L,R=301]
</IfModule>

Nginx

Now onto the Nginx directives…

if ($scheme != https) {
return 301 https://$host$request_uri;
}

Notice I’m using $scheme rather than the more common $host, as using the $host rewrite affected ssllabs scores in that domain.tld and www.domain.tld would score differently after adding HPKP and HSTS headers in Apache.

I hope that helps someone.

Updated to reflect changes at: https://hstspreload.org/
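
The following Python is an added example, not code from the original post. It parses a Strict-Transport-Security value like the one set in the Apache directive above and checks it, together with the first redirect an http request receives, against the header and same-host redirect requirements published at hstspreload.org. The function names and the sample URLs used with it are assumptions.

```python
# Added example: validate an HSTS header value and the first HTTP redirect
# against the hstspreload.org submission requirements (header + redirect only).
from urllib.parse import urlsplit

MIN_MAX_AGE = 31536000  # one year, the minimum hstspreload.org accepts


def parse_hsts(value):
    """Parse an HSTS header value into {directive: value-or-None} (RFC 6797)."""
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        name = name.strip().lower()  # directive names are case-insensitive
        if name in directives:       # RFC 6797: each directive may appear once
            raise ValueError(f"duplicate directive: {name}")
        directives[name] = arg.strip().strip('"') if arg else None
    return directives


def preload_problems(hsts_value, http_url, redirect_location):
    """Return the reasons this header/redirect pair would fail preload checks."""
    problems = []
    try:
        d = parse_hsts(hsts_value)
    except ValueError as exc:
        return [str(exc)]
    max_age = d.get("max-age")
    if max_age is None or not (max_age.isascii() and max_age.isdigit()):
        problems.append("max-age missing or not an integer")
    elif int(max_age) < MIN_MAX_AGE:
        problems.append(f"max-age {max_age} is below {MIN_MAX_AGE}")
    for required in ("includesubdomains", "preload"):
        if required not in d:
            problems.append(f"{required} directive missing")
    # The http request must be upgraded on the same host before any
    # domain.tld -> www.domain.tld redirect happens.
    src, dst = urlsplit(http_url), urlsplit(redirect_location)
    if dst.scheme != "https":
        problems.append("HTTP request is not redirected to https")
    elif (dst.hostname or "").lower() != (src.hostname or "").lower():
        problems.append("first redirect changes host before upgrading to https")
    return problems
```

Feed it the header and Location values seen in a `curl -sI` response for the http and https versions of the site; an empty list means both checks pass.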

Add DHParam to Plesk Panel

You can fix Logjam for the Plesk Panel by simply adding the standard Nginx dhparam directive to the plesk.conf file.
This is very similar to previous posts on adding OCSP and HSTS to Plesk.

First you will need to create your dhparam; you can follow my guide Creating DH Parameters. Then locate the file and edit it with your favourite editor…

# nano /etc/sw-cp-server/conf.d/plesk.conf

And add the Nginx ssl_dhparam directive above the certificate entries like so…

ssl_dhparam /etc/ssl/dh/RSA2048.pem;
ssl_certificate /opt/psa/admin/conf/httpsd.pem;
ssl_certificate_key /opt/psa/admin/conf/httpsd.pem;

Save the file and restart the Plesk server…

# service sw-cp-server restart

And you are good to go.
I hope that helps someone.