10

I'm trying to redirect www to non-www but it doesn't work. I've tried various answers from similar questions but those haven't worked.

I have SSL cert using certbot for 3 domains example.com, www.example.com and admin.example.com.

This is my current config, which works for non-www and admin, however www.example.com doesn't work.

# HTTP - redirect all requests to HTTPS server { listen 80; listen [::]:80; return 301 https://$host$request_uri; } # Redirect to non-www server { server_name www.example.com; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot return 301 https://example.com$request_uri; } # non-www server { server_name example.com; location / { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } # CMS server { server_name admin.example.com; location / { proxy_pass http://localhost:1337; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }

I use DigitalOcean where both admin & non-www points to my droplet and www.example.com has a CNAME record to example.com (non-www).

Improve this question

1 Answer 1

Reset to default
19

Firstly, the www.example.com and example.com should be in one server block.

Secondly, you need to add this in your #non-www server configuration blog

if ($host = 'www.example.com') { return 301 https://example.com$request_uri; }

Thirdly, to redirect all requests to HTTPS, server_name must be added in your # HTTP - redirect all requests to HTTPS block.

Finally, your NGINX Configuration file will look like this

# HTTP - redirect all requests to HTTPS server { server_name example.com www.example.com admin.example.com; listen 80; listen [::]:80; return 301 https://$host$request_uri; } # non-www server { server_name example.com www.example.com; location / { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } if ($host = 'www.example.com') { return 301 https://example.com$request_uri; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } # CMS server { server_name admin.example.com; location / { proxy_pass http://localhost:1337; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }

Once you update your NGINX configuration file, restart NGINX:

$ sudo systemctl restart nginx
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

if ($host = 'www.example.com') {return 301 https://example.com$request_uri;} within the server block did the trick for me!

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.