I'm having trouble figuring out my nginx config.
My config is supposed to force the use of https and no www. Some subdomains api.domain.com, api.staging.domain.com is allowed. The last mentioned is currently configured in another conf file, not enclosed here.
Currently my problem is that this seems to allow www. I need www to be 301 redirected to no www. The subdomain www is setup as a cname in the dns config.
Can someone help me out?
server {
listen 54.00.00.00;
server_name 54.00.00.00;
rewrite .* https://domain.com$request_uri permanent;
}
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443 default ssl;
server_name domain.com api.domain.com;
root /var/www/domain.com/current/web;
##
# Certificate Settings
##
ssl_certificate /etc/nginx/ssl/domain.com.pem;
ssl_certificate_key /etc/nginx/ssl/domain.com.key;
You problem is that this server
server {
listen 80;
return 301 https://$host$request_uri;
}
Matches all servers, even the ones with www mind that if you are requesting http://www.example.com, $host will be www.example.com, so you end up redirecting to the https version with www.
If you want to do a catch all and still strip www from those who have it I suggest it would be better to use regex in the server name
server {
server_name ~^(www\.)?(?<domain>.+)$;
return 301 https://$domain$request_uri;
}
Related
I want to redirect https://www.example.com to https://example.com in Nginx.
I tried to do this using with below code, but I have to redirect multiple domains so can't mention specific "example.com" in the return line. I have around 30 different domains for which this need to be done.
I have gone through many suggested solutions but all are with one domain which doesn't meet my requirement. Like if there are domains (example.com,example.com,xyz.com etc) all need to redirect to https://respectivedomain(non-www)
server {
listen 443 ssl http2;
server_name www.example.com;
# redirects www to non-www. wasn't work for me without this server block
return 301 $scheme://example.com$request_uri;
}
Update:
server {
server_name "www.(.+?\.\w+)" ;
return 301 https://$1$request_uri;
}
I tried the above code but still, there is an error "NET::ERR_CERT_COMMON_NAME_INVALID".
The site is working with below
example.com
http://example.com
https://example.com
but not with adding www to a domain, SSL certificate is issued to non-www domain
You can redirect using configuration below.
Single domain
server {
listen 443 ssl http2;
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
Multiple domains
server {
listen 443 ssl http2;
server_name "~^www\.(.*)$" ;
return 301 $scheme://$1$request_uri;
}
source
I have 2 different server, Already added A record entry
I wanted redirect subdomain to different server.
I made changes in nginx configuration, but its still not working.
server {
server_name example.com subdomain.example.com;
return 301 https://www.example.com$request_uri;
}
How about:
server {
listen 80;
# listen [::]:80;
server_name example.com subdomain.example.com;
return 301 https://www.example.com$request_uri;
}
I'm not a nginx expert but usually you have to define the ports you want the server to listen to. Maybe you forgot that.
I want to redirect from https://example.com to https://www.example.com. I read multiple questions here and articles about how to do it but it doesn't seem to work. Here is what I tried:
server{
listen 80;
listen 443 ssl;
server_name example.com;
return 301 $scheme://www.example.com$request_uri;
}
I set an A record with Name www that points to my IP.
I also use Cloudflare if that is important to know ...
Any ideas what I'm doing wrong?
I have two server blocks in my nginx configuration:
server {
listen 80;
server_name domain.com;
return 301 https://domain.com$request_uri;
}
server {
listen 443 ssl;
server_name domain.com;
<ssl stuff>
<root directory>
}
I'm basically redirecting all HTTP traffic to HTTPS using the first server block. I'm hardcoding the redirect domain name because I want to explicitly avoid redirecting to htps://www.domain... - I want https://domain...
When I request non-www HTTP domain, nginx correctly redirects to non-www HTTPS domain
However, when I request the www HTTP domain, nginx is not redirecting to the non-www HTTPS domain. Somehow, it adds a www to the HTTPS redirect even when I explicitly specified not to.
WHY?
Just looking at this without testing, I would say it's not picking up www.domain.com because that's not specified in the config. I belive you need a separate specification for www, or use a regex.
server {
listen 80;
server_name domain.com
www.domain.com;
return 301 https://domain.com$request_uri;
}
In this example the domain has been replaced with domain.com
Our main issue:
When i type https://domain.com i don't get redirected to https://www.domain.com, we currently don't have a rule for this what would be the best way to solve this?
According to our nginx configuration we have not specified 443 for https://domain.com but still its accessible, why is that?
We have valid ssl certificates for both domain.com and www.domain.com.
We do not have a wildcard certificate *.domain.com.
Our Configuration:
#All non-matching patterns
server
{
listen 80;
#enabling this will cause things to break.
#2015/12/18 09:21:54 [error] 32165#0: *1661 no "ssl_certificate" is defined in server listening on SSL port while SSL handshaking, client: *censored*, server: 0.0.0.0:443
#listen 443 ssl;
#Horrible looking match all pattern.
server_name _ "" domain.com *.domain.com;
return 301 https://www.domain.com$request_uri;
}
#Main site ssl enforced
server
{
listen 443 ssl;
server_name www.domain.com ios.domain.com android.domain.com;
...
}
#Staging / Test site
server
{
listen 443 ssl;
listen 80;
server_name stage.domain.com;
...
}
#Rental cars site ssl enforced
server
{
listen 443 ssl;
server_name hyrbil.domain.com;
...
}
#ios redirect to enforce https
server
{
listen 80;
server_name ios.domain.com;
return 301 https://ios.domain.com$request_uri;
}
#android redirect to enforce https
server
{
listen 80;
server_name android.domain.com;
return 301 https://android.domain.com$request_uri;
}
Bonus question:
Is it possible to match all ssl traffic and do a redirect unless it matches a specific domain, for example make https://xxx.domain.com pass a 301 to https://www.domain.com even tho i don't have a certificate for xxx.domain.com without showing "This page is unsecure, are you sure that you want to proceeed"?
If you have one virtualhost listening on 443, all traffic reaches your IP address will be served by that virtualhost.
Create an SSL virtualhost for domain.com and put a simple redirect in it.
Or create a "catch all/default" SSL virtualhost, and check the HOST header and redirect regarding that, like:
if ($host !~* ^www\.doman\.com$) {
rewrite ^(.*)$ http://www.domain.com$1 permanent;
}
But it will show SSL certificate error on all FQDNs not included in your certificate!