nginx redirect for a specific domain - nginx

I would like to redirect traffic from:
http://demo.foo.com/a.png
to http://demo.bar.com/a.png
One caveat is that foo.com and bar.com are both the same box. So I need specify that the redirect occur for foo.com traffic only, to avoid a redirect loop on bar.com traffic.
I tried this:
server {
server_name demo.foo.com;
return 301 $scheme://demo.bar.com$request_uri;
}
After waiting a minute for it to take effect... This looked promising:
curl -I http://demo.foo.com
The 301 appeared as expected. However, there are two issues:
1) running curl -I http://demo.bar.com also came back with a 301 redirect to demo.bar.com (so my server_name filter is not working)
2) after a few more minutes (~2-3) both curl commands stop working, and return a 503 Unavailable message (this may be due to a redirect loop caused by #1)

We are using such constraction:
server {
...
server_name demo.foo.com demo.bar.com;
if ($http_host = "demo.foo.com") {
rewrite ^ http://demo.bar.com:$server_port$request_uri permanent;
}
...
}

Related

DDEV: Redirect http to https using nginx-fpm and on various domains

I'm moving some small websites in production to DDEV and, some of them has multiple domains with a 301 redirection to the main HTTPS site.
This config was working well with the "natural" Nginx when I was using a .conf file to manage the domains that should be redirect to the main site on this way:
server {
listen 80;
server_name .domain1.com
.domain2.com
.domain3.com
;
return 301 https://www.maindomain.com;
}
I tried to create a new domains.conf file and add it inside the .ddev/nginx_full directory to be loaded in the restart process but seems the Nginx didn't recognize such file.
In the main "natural" Nginx config file I has this server to redirect all requests coming from HTTP to HTTPS:
server {
listen 80;
access_log off;
error_log off;
server_name maindomain.com www.maindomain.com;
return 301 https://www.$host$request_uri;
}
I tried to add these configs inside the .ddev/nginx_full/nginx-site.conf file but the server start to be crazy, doing sometimes infinite redirections and sometimes, not recognize the domains.
Inside the config.yaml file I have:
additional_fqdns:
- domain1.com
- domain2.com
- domain3.com
- maindomain.com
- www.maindomain.com
use_dns_when_possible: false
I'm sure that's a "right way" to handle this situation but, looking the docs, I didn't find and answer for that. On this way, I ask if someone here have the catch for that.
Thanks a lot
I think this will work for you.
Add the file .ddev/nginx/redirect.conf with these contents:
if ($http_x_forwarded_proto = "http") {
return 301 https://$host$request_uri;
}
This uses a DDEV nginx snippet, it could also be done with a full nginx config.
The ddev-router acts as a reverse proxy that terminates SSL/443 and passes along requests on port 80 to the web container.
You see the infinite redirects because it sees the request always on port 80.

Nginx redirect being ignored

I'm trying to create a redirect for all URLs on a domain that contains /comfy/ to another domain, but keeping the rest of the request.
For example
https://www.example.org/system/comfy/cms/files/files/000/002/012/profile/AdobeStock_194204879.jpeg
to
https://www2.example.org/system/comfy/cms/files/files/000/002/012/profile/AdobeStock_194204879.jpeg
In nginx in the server block for example.org I have
location ~ ^/comfy/(.*) {
return 301 $scheme://www2.example.org/$request_uri;
}
but i'm still getting a 404, with the original domain, ie it's still accessing
https://www.example.org/system/comfy/cms/files/files/000/002/012/profile/AdobeStock_194204879.jpeg
I have also tried
rewrite ^(/comfy/)(.*)$ http://www2.example.org/$2 permanent;
and
rewrite ^/comfy/(.*) http://www2.example.org/$1 break;
but these are failing too. What am I missing?
Thanks!
Ok, turns out I needed to do
location ~ ^/system/comfy/cms/(.*) {
return 301 $scheme://www2.example.org/$request_uri;
}

Nginx redirect not applied

I am configuring an nginx server at the moment and I have two domain types:
www.example.com
example.com
On the server I added a new server block with the following code to redirect every incoming requests to the domain without www.
server {
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
The problem is that I only got HTTP 200 instead of 301.
The changed file is: /etc/nginx/sites-enabled/default
What am I missing? I did exactly how the documentation says in Digital Ocean.

Nginx redirect to non-https address failes in Firefox

On a website which currently is serving on HTTPS, I want to redirect some pages to HTTP and not use SSL on them. In nginx I configured it like this:
server{
listen 80;
server_name example.com;
location / {
root /var/some/where;
}
location /secure {
return 301 https://example.com$request_uri;
}
}
server{
listen 443 ssl;
server_name example.com;
include ssl_params;
location /secure {
root /var/some/where/secure;
}
location / {
return 301 http://example.com$request_uri;
}
}
Using curl I can see everything is fine as follow:
$ curl -sIL https://example.com/ | grep HTTP
HTTP/1.1 301 Moved Permanently
HTTP/1.1 200 OK
$ curl -sIL http://example.com/ | grep HTTP
HTTP/1.1 200 OK
But when I try to open HTTPS url in Firefox, I'll get this error:
The page isn't redirecting properly.
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
This problem can sometimes be caused by disabling or refusing to accept cookies
Using a private window, when I try to open url in HTTP for the first time, is OK. But as soon as I refresh the page, It'll be redirected to HTTPS scheme and the error will appear again.
Do you have a certificate set up? None showing in your config.
The way it works is to open the secure connection (using the certificate) then return the content (including any redirect). It is not possible to redirect before creating the secure connection (as that would be a huge security risk to https if it was possible).
Considering Strict-Transport-Security: max-age=15768000 as result of curl -i -L on target domain, which means hsts header exists and by definition:
tells your browser to always connect to a particular domain over HTTPS. Attackers aren’t able to downgrade connections, and users can’t ignore TLS warnings.

Nginx 301 redirection options

I have some 100 or so URLs that need to be permanently redirected from static HTML to dynamic pages served by Wordpress. All examples for Nginx 301 redirection I found suggest that each redirect should be defined as its own server block.
However, I have found out that multiple redirects within one server block work as well such as in this simplified configuration:
server {
listen 80;
server_name www.example.com;
root /var/www/;
location = /subdir/red1.html { return 301 /subdir/?p=1; }
location = /subdir/red2.html { return 301 /subdir/?p=2; }
location = /subdir/red3.html { return 301 /subdir/?p=3; }
}
Curl -I confirms the 301 code. The redirects take place. I prefer this configuration to the one with one server block per redirect because human readability is better. But does this configuration lack something that I'd otherwise have if each redirect was in its own server block?
Well, execrpts you found are probably dealing with http to https redirections where it makes sense not to have anything more in the server block because the vhost is only there to redirect to an other domain. That's completely wrong to pick random examples and take them as a rules of thumb instead of refering to the official documentation.
100 redirects is not a huge count, you could even use permanent rewrites in one unique server block and group them with regexs.
server {
server_name www.example.com;
root /var/www/;
location /subdir/ {
rewrite ^/subdir/red([1-3])\.html /subdir/?p=$1 permanent;
}
}

Resources