I have installed ssl on my server and it's working fine but the issue is that if any user try to access site without https than he/she get redirect to https without query string.
http://example.com?av=23423423 to https://example.com only it's not redirect with query string. I have try to add below code but it's not working.
if ($http_x_forwarded_proto = "http") {
return 301 https://$server_name$request_uri;
}
My conf file is below, anybody can help in this?
upstream mysitecombackend {
server unix:/var/run/php-fcgi-mysitecom.sock;
}
upstream exmplecombackend {
server unix:/var/run/php-fcgi-exmplecom.sock;
}
server {
listen 1.2.4.3:443 ssl;
server_name exmple.com *.exmple.com;
ssl on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
ssl_prefer_server_ciphers on;
ssl_certificate /etc/ssl/www.exmple.com.cabundle;
ssl_certificate_key /etc/ssl/exmple.key;
location / {
proxy_pass http://127.0.0.1:80;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
# proxy_set_header Host $host$request_uri;
proxy_set_header Host $host;
proxy_set_header Ssl-Offloaded "1";
}
#rewrite ^/(.*) https://exmple.com/$1 permanent;
}
server {
listen 80 default_server;
server_name exmple.com www.exmple.com;
# return 301 https://$host$request_uri;
root /var/www/vhosts/exmple.com/public;
location / {
index index.html index.php;
try_files $uri $uri/ #handler;
expires 30d;
}
location /app/ { deny all; }
location /includes/ { deny all; }
location /lib/ { deny all; }
location /media/downloadable/ { deny all; }
location /pkginfo/ { deny all; }
location /report/config.xml { deny all; }
location /var/ { deny all; }
location /. {
return 404;
}
location #handler {
rewrite / /index.php;
}
location ~ .php/ {
rewrite ^(.*.php)/ $1 last;
}
include "ssl_offloading.inc";
location ~ .php$ {
if (!-e $request_filename) { rewrite / /index.php last; }
expires off;
fastcgi_pass exmplecombackend;
fastcgi_param HTTPS $fastcgi_https;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_param MAGE_RUN_CODE default;
# fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params;
}
}
You never set $http_x_forwarded_proto to http so the if condition is always false.
You might try comparing the variable to https instead, for example:
if ($http_x_forwarded_proto != "https") {
return 301 https://$server_name$request_uri;
}
Related
I'm working on an application that utilizes Elasticsearch on the front-end as well as prerender.io.
I've setup SSL Certs but I cannot get the http to redirect to https, when I tried to add a 301 redirect to the secure version the secure version of the site then breaks.
The redirect at the bottom for the non-www version over to the www version works fine, but if I try to add return 301 https://www.dev.example.com$request_uri; it seems to break the application front-end.
Here's my NGINX Config:
map $http_origin $cors_origin {
default "";
"~^https?:\/\/(www\.)?dev.example.com" "$http_origin";
}
server {
ignore_invalid_headers off;
listen 80;
listen 443 ssl http2;
server_name www.dev.example.com;
ssl_certificate /etc/letsencrypt/live/dev.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/dev.example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/dev.example.com/chain.pem;
#return 301 https://www.dev.example.com$request_uri;
#Potential redirection placement
root /var/www/example/public;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
# Begin Prerender.io Config
proxy_set_header X-Prerender-Token exampletoken;
set $prerender 0;
if ($http_user_agent ~* "googlebot|bingbot|yandex|baiduspider|twitterbot|facebookexternalhit|rogerbot|linkedinbot|embedly|quora link preview|showyoubot|outbrain|pinterest|slackbot|vkShare|W3C_Validator") {
set $prerender 1;
}
if ($args ~ "_escaped_fragment_") {
set $prerender 1;
}
if ($http_user_agent ~ "Prerender") {
set $prerender 0;
}
if ($uri ~* "\.(js|css|xml|less|png|jpg|jpeg|gif|pdf|doc|txt|ico|rss|zip|mp3|rar|exe|wmv|doc|avi|ppt|mpg|mpeg|tif|wav|mov|psd|ai|xls|mp4|m4a|swf|dat|dmg|iso|flv|m4v|torrent|ttf|woff|svg|eot)") {
set $prerender 0;
}
#resolve using Google's DNS server to force DNS resolution and prevent caching of IPs
resolver 8.8.8.8;
if ($prerender = 1) {
#setting prerender as a variable forces DNS resolution since nginx caches IPs and doesnt play well with load balancing
set $prerender "service.prerender.io";
rewrite .* /$scheme://$host$request_uri? break;
proxy_pass http://$prerender;
}
# checks for static file, if not found proxy to app
#proxy_pass https://127.0.0.1:9200/example$path/_search?$query_string;
}
# end Prerender.io Config
# Various important file locations
location ~* ^/(robots.txt|admin|api|sitemap.xml|sitemap.xml.gz) {
try_files $uri $uri/ /index.php?$query_string;
}
# Favicon Location
location /favicon.ico {
access_log off;
log_not_found off;
}
# Robots.txt Location
location /robots.txt {
access_log off;
log_not_found off;
}
# NGINX Log Locations
access_log /var/log/nginx/example-access.log;
error_log /var/log/nginx/example-error.log error;
sendfile off;
# PHP Config - 7.3
location ~ (/index|/calculator/.*)\.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
#fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
include fastcgi_params;
}
# This line below was disabled upon rewrite, leaving in for legacy - DR
# location ~ /\.ht {
# deny all;
# }
# ElasticSearch Config
location ~ ^/es/example(?<path>/.*)?/_(?<msearch>m?)search$ {
# This line below was disabled upon rewrite, leaving in for legacy - DR
# location ~ ^/es/quirks(?<path>/.*)?/_search$ {
access_log /var/log/nginx/elasticsearch.log;
error_log /var/log/nginx/elasticsearch-error.log error;
limit_except OPTIONS POST {
allow 96.93.229.26;
deny all;
}
proxy_pass http://127.0.0.1:9200/quirks$path/_${msearch}search?$query_string;
# This line below was disabled upon rewrite, leaving in for legacy - DR
# proxy_pass http://127.0.0.1:9200/example$path/_search?$query_string;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header Host $http_host;
}
}
server {
listen 80;
listen 443 ssl default_server http2;
server_name dev.quirks.com;
ssl_certificate /etc/letsencrypt/live/dev.quirks.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/dev.quirks.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/dev.quirks.com/chain.pem;
return 301 https://www.example.quirks.com$request_uri;
}
{
server {
listen 80;
server_name www.example.com example.com;
return 301 https://www.example.com$request_uri;
}
server { #Redirect https, non-www to https, www
listen 443 ssl spdy;
server_name example.com;
ssl_certificate /var/www/web/example_com.crt;
ssl_certificate_key /var/www/web/www.expample.com.key;
return 301 https://www.example.com$request_uri;
}
server {
# SSL configuration
listen 443 ssl spdy;
server_name www.example.com;
ssl on;
ssl_certificate /var/www/web/example_com.crt;
ssl_certificate_key /var/www/web/www.expample.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # do not use SSLv3 ref: POODLE
root /var/www/web;
client_max_body_size 20M;
index index.php;
location / {
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$args;
}
location ~ ^/(protected|framework|themes/\w+/views) {
deny all;
}
#avoid processing of calls to unexisting static files by yii
location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ {
try_files $uri =404;
}
location #bo {
rewrite ^/bo(.*) /bo/index.php?q=$1;
}
location /bo {
index index.php;
try_files $uri $uri/ #bo;
alias /var/www/web/bo;
}
location #app {
rewrite ^/app(.*) /app/index.php?q=$1;
}
location /app {
index index.php;
try_files $uri $uri/ #app;
alias /var/www/web/app;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
include fastcgi_params;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_param SCRIPT_FILENAME /var/www/web$fastcgi_script_name;
}
# prevent nginx from serving dotfiles (.htaccess, .svn, .git, etc.)
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
location ~ /\.ht {
deny all;
}
if (!-e $request_filename) {
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
rewrite ^/[_0-9a-zA-Z-]+(/wp-.*) $1 last;
rewrite ^/[_0-9a-zA-Z-]+(/.*\.php)$ $1 last;
}
}
server {
listen 80;
listen [::]:80;
server_name supp.example.com;
access_log /var/log/nginx/supp.example.com.access.log;
error_log /var/log/nginx/supp.example.com.error.log;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://localhost:3001;
proxy_redirect off;
}
}
I had a server on OVH and I migrated to azure, inside the app I had a wordpress that is in the main root, a subfolder with an app on Yii2 and another subfolder with an app on CodeIgniter, When I test the config, everything works fine, I used the testnew.example.com for test it, when I do the deploy and use www.example.com, I got Moved permantly 301 on main root (Wordpress site), the rest of apps works good.
Nginx already running and i need to add location for example.com/owncloud
It turned out that my setting causes redirect loop for the link above.
Also there is an iRedMail bundle installed and it works with its default settings
Here is part of config for example.com/owncloud
location ~ ^/owncloud { rewrite ^ https://$host/owncloud; }
location ~ ^/owncloud(.*) {
alias /var/www/owncloud/;
index index.html;
}
Here is whole conf file
upstream php_workers {
server unix:/var/run/php-fpm.socket;
}
# HTTP
server {
listen 80;
server_name _;
root /var/www;
index index.php index.html index.htm;
location / {
root /var/www;
}
# Normal PHP scripts
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass php_workers;
}
# Redirect webmail/SOGo/iredadmin to HTTPS
location ~ ^/mail { rewrite ^ https://$host$request_uri?; }
location ~* ^/sogo { rewrite ^ https://$host/SOGo; }
location ~ ^/iredadmin { rewrite ^ https://$host$request_uri?; }
location ~ ^/owncloud { rewrite ^ https://$host/owncloud; }
# Deny all attempts to access hidden files such as .htaccess.
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# Handling noisy favicon.ico messages
location = /favicon.ico {
access_log off;
log_not_found off;
}
}
# HTTPS
server {
listen 443;
server_name _;
ssl on;
ssl_certificate /etc/ssl/certs/iRedMail.crt;
ssl_certificate_key /etc/ssl/private/iRedMail.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
index index.php index.html index.htm;
location / {
root /var/www;
}
# Deny all attempts to access hidden files such as .htaccess.
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# Handling noisy favicon.ico messages
location = ^/favicon.ico {
access_log off;
log_not_found off;
}
# Roundcube webmail
location ~ ^/mail(.*)\.php$ {
include fastcgi_params;
fastcgi_pass php_workers;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/share/apache2/roundcubemail$1.php;
}
location ~ ^/mail(.*) {
alias /usr/share/apache2/roundcubemail$1;
index index.php;
}
location ~ ^/owncloud(.*) {
alias /var/www/owncloud/;
index index.html;
}
location ~ ^/mail/(bin|SQL|README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ { deny all; }
# Normal PHP scripts
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass php_workers;
}
# iRedAdmin: static files under /iredadmin/static
location ~ ^/iredadmin/static/(.*)\.(png|jpg|gif|css|js) {
alias /usr/share/apache2/iredadmin/static/$1.$2;
}
# iRedAdmin: Python scripts
location ~ ^/mail(.*) {
alias /usr/share/apache2/roundcubemail$1;
index index.php;
}
location ~ ^/owncloud(.*) {
alias /var/www/owncloud/;
index index.html;
}
location ~ ^/mail/(bin|SQL|README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ { deny all; }
# Normal PHP scripts
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass php_workers;
}
# iRedAdmin: static files under /iredadmin/static
location ~ ^/iredadmin/static/(.*)\.(png|jpg|gif|css|js) {
alias /usr/share/apache2/iredadmin/static/$1.$2;
}
# iRedAdmin: Python scripts
location ~ ^/iredadmin(.*) {
rewrite ^/iredadmin(/.*)$ $1 break;
include uwsgi_params;
uwsgi_pass unix:/var/run/uwsgi_iredadmin.socket;
uwsgi_param UWSGI_CHDIR /usr/share/apache2/iredadmin;
uwsgi_param UWSGI_SCRIPT iredadmin;
uwsgi_param SCRIPT_NAME /iredadmin;
}
# iRedAdmin: redirect /iredadmin to /iredadmin/
location = /iredadmin {
rewrite ^ /iredadmin/;
}
# SOGo
location ~ ^/sogo { rewrite ^ https://$host/SOGo; }
location ~ ^/SOGO { rewrite ^ https://$host/SOGo; }
# For IOS 7
location = /principals/ {
rewrite ^ https://$server_name/SOGo/dav;
allow all;
}
location ^~ /SOGo {
proxy_pass http://127.0.0.1:20000;
#proxy_redirect http://127.0.0.1:20000/SOGo/ /SOGo;
rewrite ^/iredadmin(/.*)$ $1 break;
include uwsgi_params;
uwsgi_pass unix:/var/run/uwsgi_iredadmin.socket;
uwsgi_param UWSGI_CHDIR /usr/share/apache2/iredadmin;
uwsgi_param UWSGI_SCRIPT iredadmin;
uwsgi_param SCRIPT_NAME /iredadmin;
}
# iRedAdmin: redirect /iredadmin to /iredadmin/
location = /iredadmin {
rewrite ^ /iredadmin/;
}
# SOGo
location ~ ^/sogo { rewrite ^ https://$host/SOGo; }
location ~ ^/SOGO { rewrite ^ https://$host/SOGo; }
# For IOS 7
location = /principals/ {
rewrite ^ https://$server_name/SOGo/dav;
allow all;
}
location ^~ /SOGo {
proxy_pass http://127.0.0.1:20000;
#proxy_redirect http://127.0.0.1:20000/SOGo/ /SOGo;
# forward user's IP address
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header Host $host;
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
#proxy_set_header x-webobjects-remote-host 127.0.0.1;
#proxy_set_header x-webobjects-server-name $server_name;
#proxy_set_header x-webobjects-server-url $scheme://$host;
}
location ^~ /Microsoft-Server-ActiveSync {
proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync;
proxy_redirect http://127.0.0.1:20000/Microsoft-Server-ActiveSync /;
}
location ^~ /SOGo/Microsoft-Server-ActiveSync {
proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync;
proxy_redirect http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync /;
}
location /SOGo.woa/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
}
location /SOGo/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
}
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header Host $host;
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
#proxy_set_header x-webobjects-remote-host 127.0.0.1;
#proxy_set_header x-webobjects-server-name $server_name;
#proxy_set_header x-webobjects-server-url $scheme://$host;
}
location ^~ /Microsoft-Server-ActiveSync {
proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync;
proxy_redirect http://127.0.0.1:20000/Microsoft-Server-ActiveSync /;
}
location ^~ /SOGo/Microsoft-Server-ActiveSync {
proxy_pass http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync;
proxy_redirect http://127.0.0.1:20000/SOGo/Microsoft-Server-ActiveSync /;
}
location /SOGo.woa/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
}
location /SOGo/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
}
location ^/SOGo/so/ControlPanel/Products/([^/]*)/Resources/(.*)$ {
alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
}
}
So I'm setting up an nginx server and installed wordpress and SSL.
The site is working perfectly on both http and https but when I try to redirect http to https via nginx's server block, both http and https results in a endless redirect loop.
Here's my server block
server {
listen 80;
return 301 $server_name$request_uri;
listen 443 ssl spdy;
root /var/www/wordpress;
index index.php index.html index.htm;
server_name www.example.com;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 10m;
spdy_headers_comp 6;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_certificate /etc/ssl/certs/www.example.com.certchain.crt;
ssl_certificate_key /etc/ssl/private/www.example.com.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
add_header Alternate-Protocol 443:npn-spdy/2;
proxy_set_header X-Forwarded-Proto https;
access_log /var/log/nginx/example.com.access.log;
error_log /var/log/nginx/example.com.error.log;
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location / {
proxy_set_header X-Forwarded-Proto $scheme;
# try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php?q=$uri&$args;
if ($http_referer ~* (buttons-for-website.com)) { return 444; }
if ($http_referer ~* (semalt.com)) { return 444; }
}
location ~ \.(hh|php)$ {
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Ssl on;
fastcgi_keep_conn on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache microcache;
fastcgi_cache_valid 200 60m;
}
location ~ \.php$ {
location #fallback {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache microcache;
fastcgi_cache_valid 200 60m;
}
# Cache Static Files For As Long As Possible
location ~*
\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|$
{
access_log off;
log_not_found off;
expires max;
}
# Security Settings For Better Privacy Deny Hidden Files
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# Return 403 Forbidden For readme.(txt|html) or license.(txt|html)
if ($request_uri ~* "^.+(readme|license)\.(txt|html)$") {
return 403;
}
# Disallow PHP In Upload Folder
location /wp-content/uploads/ {
location ~ \.php$ {
deny all;
}
}
}
I'd really appreciate anyone's help. I commented out that "return 301" in 3rd line and google indexed both http and https version of the same page and deindexed most of my pages and dropped rankings for several keywords.
Thanks a bunch in advance!
Try separating the non ssl server block so you'd have this
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl spdy;
root /var/www/wordpress;
....
I've just switched from Apache to Nginx.
Then I'm stucked with this problem.
When I was using Apache, first www(sub-domain) could be removed automatically by having this .htaccess
If I want the same on Nginx, how can I do that?
Here's my old .htaccess
.htaccess (I was using this when I was using Apache)
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(test-sample-site\.com)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
Then here's my current conf for Nginx
etc/nginx/conf.d/rails.conf
upstream sample {
ip_hash;
server unix:/var/run/unicorn/unicorn_sample.sock fail_timeout=0;
}
server {
listen 80;
server_name sample.jp;
root /var/www/html/sample/public;
location /wiki {
alias /usr/share/wiki;
index index.php;
}
location ~ ^/wiki.+\.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_split_path_info ^/wiki(.+\.php)(.*)$;
fastcgi_param SCRIPT_FILENAME /usr/share/wiki$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://sample;
break;
}
}
location ~ ^/assets|system/ {
expires 1y;
add_header Cache-Control public;
log_not_found off;
}
}
UPDATE
upstream sample {
ip_hash;
server unix:/var/run/unicorn/unicorn_sample.sock fail_timeout=0;
}
server {
listen 80;
server_name sample.jp;
root /var/www/html/sample/public;
location /wiki {
alias /usr/share/wiki;
index index.php;
}
location ~ ^/wiki.+\.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_split_path_info ^/wiki(.+\.php)(.*)$;
fastcgi_param SCRIPT_FILENAME /usr/share/wiki$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://sample;
break;
}
}
location ~ ^/assets|system/ {
expires 1y;
add_header Cache-Control public;
log_not_found off;
}
}
server { # <== redirection server block
server_name www.sample.jp;
return 301 sample.jp$request_uri;
}
Add this server block to your config ( at the bottom or top, but outside the other server block )
server {
server_name www.sample.jp;
return 301 sample.jp$request_uri;
}
Your can add it to your config like this
upstream sample { # <== upstream block
# ...
}
server { # <== server block
# ....
}
server { # <== redirection server block
server_name www.sample.jp;
return 301 sample.jp$request_uri;
}
As for what it would do, the $request_uri will append every thing that was in the original URL to the new one, for example
http://www.example.com/a/b/c
$request_uri = /a/b/c
new URL will be
http://example.com/a/b/c
I believe it should append the query string too, the ?x=y part in http://example.com/a/b?x=y