Develop Reference

Nginx HTTPS (443) config ignored and HTTP (80) used instead

I was trying to redirect non secure (domain.com and www.domain.com) to secure version and I was getting a "too many redirects" error.
So, I decided to simplify the config to test and try to find out the error.
server {
listen 80;
listen [::]:80 ipv6only=on;
server_name example.com www.example.com;
return 302 https://www.google.com;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2 ipv6only=on;
ssl_certificate /etc/ssl/cert.pem;
ssl_certificate_key /etc/ssl/cert.key;
server_name example.com www.example.com;
return 302 https://www.amazon.com;
}
If I am not wrong, when I visit http://example.com/ or http://www.example.com/, I should be redirected to https://www.google.com
And I if I visit https://example.com/ or https://www.example.com/, I should be redirected to https://www.amazon.com
But, any case, I am always redirected to https://www.google.com. What is wrong?

Your browser might be caching the redirects.
Try using Incognito windows for both the test cases. Your config file seems to be fine.
For your domain.com, you can have following configuration:
server {
server_name _;
listen 443;
root /var/www/html;
location / {
try_files $uri $uri/ /index.html;
}
}
server {
listen 80;
server_name _;
return 301 https://$host$request_uri;
}

nginx config catches domains not specified in server_name

I have two configs enabled in my nginx sites-enabled folder.
The first one (my-domain.fr.conf) looks like this:
server {
listen 443 ssl http2;
server_name my-domain.fr;
index index.html;
location / {
root /www/my-domain.fr;
}
include ssl_certif.conf;
}
# HTTP redirect
server {
listen 80 default_server;
server_name my-domain.fr;
location / {
return 301 https://my-domain.fr$request_uri;
}
}
The second one (sub.my-domain.fr.conf) looks like this:
server {
location / {
proxy_pass http://127.0.0.1:8080;
}
include ssl_certif.conf;
server_name sub.my-domain.fr;
listen [::]:443 ssl;
}
server {
if ($host = sub.my-domain.fr) {
return 301 https://$host$request_uri;
}
server_name sub.my-domain.fr;
listen [::]:80;
return 404;
}
I would expect the last one to only catch requests to sub.my-domain.fr subdomains, but instead it catches anything (I have wildcards subdomains set up on my DNS), and even masks my-domain.fr.
How can I make sure it only catches sub.my-domain.fr requests?

I found the reason.
sub.my-domain.fr supports ipv6 (listen [::]:443 ssl;). my-domain.fr doesn't.
I suppose my connection is using ipv6 when it can, and in this case, sub.my-domain.fr is the only match.
Adding ipv6 support (listen 443 ssl => listen [::]:443 ssl;, and listen 80; => listen [::]:80;) in all server entries fix it.

Ngnix setup for dedicated subdomains

I want Ngnix to handle only a few subdomains and if it is not matching it should return an 404.
The following subdomains should work: domain.com, www.domain.com, api.domain.com and ftp.domain.com.
I use the following config:
server {
listen 80;
listen [::]:80;
server_name *.domain.com;
return 301 https://$host$request_uri;
}
server {
listen 443;
listen [::]:443 ipv6only=on;
server_name domain.com www.domain.com api.domain.com ftp.domain.com;
.....
}
server {
listen 443 default_server;
server_name _;
return 444;
}
The problem is that the website keeps working on every subdomain like test.domain.com. Of casurse the DNS is setup with an wildcard and I don't want to change that.
With adding the default_server I'm getting ssl errors?
Any suggestions?

Nginx won't redirect http to https

I can't figure this out. Can you help?
This is my setup:
Single website on server.
Going to http://... worked fine until I added the https://... settings to my site config.
Going to https://... now works fine.
Going to http://... now just times out.
server {
listen 80;
server_name mywebsite.io www.mywebsite.io;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name mywebsite.io www.mywebsite.io;
root /var/www/mywebsite.io/public_html;
index index.html index.htm;
ssl on;
ssl_certificate /etc/ssl/certs/cert_chain.crt;
ssl_certificate_key /etc/ssl/certs/mywebsite.key;
}
Am I doing something stupid?
Cheers

Try:
server {
listen 80;
server_name mywebsite.io www.mywebsite.io;
return 301 https://$host$request_uri;
}
As $server_name is ambiguous when you have more than one.

nginx redirect HTTPS to HTTP

How can i redireect from https to http?
i have the code below but it does not seem to work.
server {
listen 443;
server_name example.com;
rewrite ^(.*) http://example.com$1 permanent;
}

The answer above will work, you need to generate a self signed cert (or have a real one) and configure nginx as such:
server {
listen *:443;
ssl on;
server_name domain.com;
rewrite ^(.*) http://domain.com$1 permanent;
ssl_certificate /data/certs/domain.crt;
ssl_certificate_key /data/certs/domain.key;
}
Keep in mind, if it is a self signed cert the browser will give you an ugly warning.

Building off jberger's comment a configuration that should work would be:
server {
listen *:80;
server_name example.com;
}
server {
listen *:443 ssl;
server_name example.com;
ssl_certificate /etc/ssl/certs/example.com.cert;
ssl_certificate_key /etc/ssl/private/example.com.key;
return 301 http://$server_name$request_uri;
}

if ($host = 'foo.com') {
rewrite ^/(.*)$ http://www.foo.com$1 permanent;
}

You need to create 2 separate server blocks:
Port 443 (HTTPS) - Define everything like PHP, 404, home, root etc in this block. Even if you want to redirect https://www.example.com to https://example.com or vice-versa, do it over here as #coulix has done.
Port 80 (HTTP) - In here you will just use:
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
# Redirect HTTP to HTTPS
return 301 https://example.com$request_uri;
}