I am using nginx and I figured out how to redirect http://[IP address] to my domain but I can't get https to work. I've tried:
server {
listen 443;
server_name 31.220.108.250;
return 301 https://mosachi.ga$request_uri;
}
but it doesn't work.
I wanted to redirect all different urls like:
http://example.com,
https://something.example.com
https://api.example.com
https://232.231.14.13
http://232.231.14.13
to https://example.com, so I went with something like:
server {
listen 80;
server_name example.com www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl;
if ($host != "example.com") {
return 301 https://example.com$request_uri;
}
ssl_certificate /ssl/example.pem;
ssl_certificate_key /ssl/example.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
....
Related
what I try to achieve (redirecting only non-www to www - ignoring all subdomains)
example.com > https://www.example.com
example.com/query-string > https://www.example.com/query-string
http://example.com > https://www.example.com
https://example.com > https://www.example.com
es.example.com > https://es.example.com
http://es.example.com > https://es.example.com
http://es.example.com/query-string > https://es.example.com/query-string
...
My version is 1.22.1.
What I got so far:
server {
listen 80;
listen [::]:80;
server_name *.example.com;
return 301 https://$host$request_uri;
}
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/key.pem;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/ca.pem;
ssl_stapling_verify on;
server_name example.com;
#return 301 https://www.example.com$request_uri;
return 301 https://www.$host$request_uri;
}
server {
server_name www.example.com;
access_log /var/log/nginx/example.com.access.log rt_cache;
error_log /var/log/nginx/example.com.error.log;
root /var/www/example.com/htdocs;
index index.php index.html index.htm;
include ...
}
Second server block don't work. This
return 301 https://www.example.com$request_uri;
does not work because it redirs all subdomains to www (https://de.example.com > https://www.example.com)
This
return 301 https://www.$host$request_uri;
does not work even it redirs non-www do www version but in the same time it redirs all subdomains to www.subdomain (https://de.example.com > https://www.de.example.com).
I think the problem is in the server_name of the second server block. Any ideas how to solve this?
Try to use this config:
server {
listen 80;
server_name example.com www.example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 80;
server_name "~(?<!www)\.example\.com$";
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name example.com;
return 301 $scheme://www.$host$request_uri;
}
server {
listen 443 ssl;
server_name *.example.com;
...
}
I have my below nginx config, I'm trying to redirect everything to https://www regardless of what comes in for example http://example.com, http://www.example.com or https://example.com.
I've looked at numerous topics on SO and tried a couple of things but still stumped, I can't ever get https://example.com to redirect to the https://www pattern!?
server {
listen 80;
listen 443 ssl;
server_name example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
ssl_session_timeout 30m;
ssl_session_cache shared:SSL:10m;
ssl_buffer_size 8k;
add_header Strict-Transport-Security max-age=31536000;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
Make one server block a default server and give the other server block the one true server_name.
server {
listen 80 default_server;
listen 443 ssl default_server;
ssl_certificate ...;
ssl_certificate_key ...;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
server_name www.example.com;
ssl_certificate ...;
ssl_certificate_key ...;
...
}
The default server for https requires a valid certificate. Assuming you have a wildcard certificate - most of the ssl_ statements could be moved into the outer block and be inherited by both server blocks. For example:
ssl_certificate ...;
ssl_certificate_key ...;
ssl_...;
server {
listen 80 default_server;
listen 443 ssl default_server;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
server_name www.example.com;
...
}
See this document for more.
I have my app hosted in the base URL: https://myapp.com/
Now I want to add re-directions from "www" to "non www" / "http" to "https", where:
https://myapp.com/
https://www.myapp.com/
http://myapp.com/
http://www.myapp.com/
Last 3 URLs should 301 redirect to the first one.
Right now second URL is not redirected and the last 2 are redirected using a 307 redirection instead of 301.
Here is my nginx configuration:
server {
listen 80;
server_name myapp.com www.myapp.com;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name myapp.com www.myapp.com;
server_tokens off;
ssl_certificate /etc/nginx/conf.d/self-signed-fullchain.pem;
ssl_certificate_key /etc/nginx/conf.d/self-signed-privkey.pem;
include /etc/nginx/conf.d/options-ssl-nginx.conf;
ssl_dhparam /etc/nginx/conf.d/ssl-dhparams.pem;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
location ~ ^/(api)/ {
proxy_pass http://myapp:3000;
}
}
So how can I actually do this?
Just add one more server block with server_name www.myapp.com;, and add redirect:
return 301 https://myapp.com$request_uri;
Edit main server block to server_name myapp.com;
Should be something like that:
server {
listen 80;
server_name myapp.com www.myapp.com;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name www.myapp.com;
server_tokens off;
ssl_certificate /etc/nginx/conf.d/self-signed-fullchain.pem;
ssl_certificate_key /etc/nginx/conf.d/self-signed-privkey.pem;
include /etc/nginx/conf.d/options-ssl-nginx.conf;
ssl_dhparam /etc/nginx/conf.d/ssl-dhparams.pem;
return 301 https://myapp.com$request_uri;
}
server {
listen 443 ssl;
server_name myapp.com;
server_tokens off;
ssl_certificate /etc/nginx/conf.d/self-signed-fullchain.pem;
ssl_certificate_key /etc/nginx/conf.d/self-signed-privkey.pem;
include /etc/nginx/conf.d/options-ssl-nginx.conf;
ssl_dhparam /etc/nginx/conf.d/ssl-dhparams.pem;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
location ~ ^/(api)/ {
proxy_pass http://myapp:3000;
}
}
I have a domain name called example.com now I have server running in VPS and example.com working fine. Now I want to redirect www.example.com to https://example.com
Working:
When user lands http://example.com -> nginx -> https://example.com now I want
I want:http://www.example.com -> https://example.com or http://example.com
Here is my existing domain configurations
nginx config
upstream backend {
server localhost:3000;
server localhost:3001;
}
server {
listen 443 ssl;
server_name example.com;
ssl_certificate cert.cert;
ssl_certificate_key privatekey.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
proxy_pass http://backend;
}
}
server {
listen 80;
server_name www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 443;
server_name www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 80;
return 301 https://$host$request_uri;
}
How to rewrite the url to use www and https all the time?
// The url can have https but not www
https://example.com
// The url can have www but not https
http://www.example.com
// The url can have neither https, neither www
http://example.com
=> rewrite to https://www.example.com
I already use the following to add https to all requests but what about http? Is there an efficient way of adding it?
server {
listen 80;
listen [::]:80;
return 301 https://$host$request_uri;
}
Thanks
Create 2 server blocks to handle the exceptions and 1 server block for the usual stuff.
server {
listen 80;
server_name www.domain.com
domain.com;
return 301 https://www.domain.com$request_uri;
}
server {
listen 443 ssl;
server_name domain.com;
return 301 https://www.domain.com$request_uri;
}
server {
listen 443 ssl;
server_name www.domain.com;
#
# The usual stuff..
#
}
TanHongTat answers is good but you have to take into account the default server behavior of nginx. If no server block matches, it will take the first one even though you defined server_name.
Also, do not forget to add the ssl certificate and key even for the block with only a return.
I ended up doing the following:
# Default server for http
server {
listen 80;
listen [::]:80;
return 301 https://www.domain.com$request_uri;
}
# Default server for https
server {
listen 443;
return 301 https://www.domain.com$request_uri;
ssl on;
ssl_certificate /..../ssl_certificate.crt;
ssl_certificate_key /..../ssl_certificate.key;
# Disable SSLv3 vulnerability
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}
server {
listen 443;
server_name www.domain.com;
ssl on;
ssl_certificate /..../ssl_certificate.crt;
ssl_certificate_key /..../ssl_certificate.key;
# Disable SSLv3 vulnerability
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#
# The usual stuff..
#
}