Nginx: Redirect non-www to www https

nginx

I have my below nginx config, I'm trying to redirect everything to https://www regardless of what comes in for example http://example.com, http://www.example.com or https://example.com.

I've looked at numerous topics on SO and tried a couple of things but still stumped, I can't ever get https://example.com to redirect to the https://www pattern!?

server {
    listen          80;
    listen          443 ssl;
    server_name     example.com;
    return          301 https://www.example.com$request_uri;
}

server {
    listen       443 ssl;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
    ssl_dhparam /etc/nginx/ssl/dhparams.pem;
    ssl_session_timeout 30m;
    ssl_session_cache shared:SSL:10m;
    ssl_buffer_size 8k;
    add_header Strict-Transport-Security max-age=31536000;

    root         /usr/share/nginx/html;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location / {
    }

    error_page 404 /404.html;
        location = /40x.html {
    }

    error_page 500 502 503 504 /50x.html;
        location = /50x.html {
    }
}

Make one server block a default server and give the other server block the one true server_name.

server {
    listen  80 default_server;
    listen  443 ssl default_server;

    ssl_certificate ...;
    ssl_certificate_key ...;
    return  301 https://www.example.com$request_uri;
}

server {
    listen  443 ssl;
    server_name www.example.com;

    ssl_certificate ...;
    ssl_certificate_key ...;
    ...
}

The default server for https requires a valid certificate. Assuming you have a wildcard certificate - most of the ssl_ statements could be moved into the outer block and be inherited by both server blocks. For example:

ssl_certificate ...;
ssl_certificate_key ...;
ssl_...;

server {
    listen  80 default_server;
    listen  443 ssl default_server;
    return  301 https://www.example.com$request_uri;
}

server {
    listen  443 ssl;
    server_name www.example.com;
    ...
}

See this document for more.

Related

Scanner error with nextInt() [duplicate]
python operator precedence of in and comparison
Powershell: passing json string to curl
Firestore - Merging two queries locally
Load a resource contained in a jar
"~/Desktop/test.txt: No such file or directory"
How to compute Discrete Fourier Transform?
USB: usb_device_handle_win.cc:1020 Failed to read descriptor from node connection error with ChromeDriver v87 / Chrome v87 using Selenium on Windows10
post increment operator java
Dictionary creation with fromkeys and mutable objects. A surprise [duplicate]
String Constant Pool
Selenium Google Login Block