Force www. and https in nginx.conf (SSL)
After purchasing a SSL certificate I have been trying to force all pages to secured https and to www.
https://www.exampl.com is working and secure but only if type it i
-
The following solution seems to be clear and simple, everything defined in one server block. So with this setup I force everything to https://www.domain.tld, so both handlers are here non-HTTPS and non-WWW on HTTPS. There are two IF's but if you don't want to duplicate entire SSL block two times to handle it... this is the way to do it.
server { listen 80; listen 443 ssl; server_name domain.tld www.domain.tld; # global HTTP handler if ($scheme = http) { return 301 https://www.domain.tld$request_uri; } # global non-WWW HTTPS handler if ($http_host = domain.tld){ return 303 https://www.domain.tld$request_uri; } }And even better solution to avoid IF's:
# Redirect all traffic from HTTP to HTTPS server { listen 80; server_name example.com www.example.com; # Destination redirect base URI set $RURI https://www.example.com; location / {return 301 $RURI$request_uri;} } # Redirect non-WWW HTTPS traffic to WWW HTTPS server { listen 443 ssl; # NOTE: SSL configuration is defined elsewhere server_name example.com; return 301 $scheme://www.$host$request_uri; } # MAIN SERVER BLOCK server { listen 443 ssl; # NOTE: SSL configuration is defined elsewhere server_name www.example.com; }讨论(0) -
The best way to implement WWW and HTTPS redirection is to create a new
serversection in Nginx config:server { listen 80; #listen for all the HTTP requests server_name example.com www.example.com; return 301 https://www.example.com$request_uri; }You will also have to perform https://example.com to https://www.example.com redirection. This may be done with code similar to the following:
server { listen 443 ssl; server_name example.com; ssl_certificate ssl.crt; #you have to put here... ssl_certificate_key ssl.key; # ...paths to your certificate files return 301 https://www.example.com$request_uri; }And of course, you must reload Nginx config after each change. Here are some useful commands:
check for errors in the configuration:
sudo service nginx configtestreload configuration (this would be enough to make changes "work"):
sudo service nginx reloadrestart the whole webserver:
sudo service nginx restartImportant note:
All your
serversections must be insidehttpsection (or in a file included inhttpsection):http { # some directives ... server { # ... } server { # ... } # ... }讨论(0) -
I searched a lot , finally this is my right answer. also remember to add a www A record in your domain registar's dns control panel.
# Force all users to https://www.example.com server { listen 80; server_name example.com www.example.com; return 301 https://www.example.com$request_uri; } server { listen 443 ssl; server_name example.com; ssl_certificate /etc/nginx/ssl/www.example.com.pem; ssl_certificate_key /etc/nginx/ssl/www.example.com.key; return 301 https://www.example.com$request_uri; } server { listen 443 ssl; server_name www.example.com; root /var/www/html error_page 403 /error/404.html; error_page 404 /error/404.html; error_page 500 502 503 504 /error/50x.html; ssl_certificate /etc/nginx/ssl/www.example.com.pem; ssl_certificate_key /etc/nginx/ssl/www.example.com.key; }讨论(0) -
If you have a sites-enabled directory, do not use the "http" top directive. Just create another file (with any name) in the site-enabled directory that has:
server { listen 80; #listen for all the HTTP requests server_name example.com www.example.com; return 301 https://www.example.com$request_uri; }and comment out the line
listen 80;where the server_name is the same in the other file that serves www.example.com
讨论(0)
加载中...
- 热议问题