Nginx: Redirect non-www to www https
I have my below nginx config, I'm trying to redirect everything to https://www regardless of what comes in for example http://example.com, http://www.example.com or https://example.com.
I've looked at numerous topics on SO and tried a couple of things but still stumped, I can't ever get https://example.com to redirect to the https://www pattern!?
server {
listen 80;
listen 443 ssl;
server_name example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
ssl_session_timeout 30m;
ssl_session_cache shared:SSL:10m;
ssl_buffer_size 8k;
add_header Strict-Transport-Security max-age=31536000;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
Make one server
block a default server and give the other server
block the one true server_name
.
server {
listen 80 default_server;
listen 443 ssl default_server;
ssl_certificate ...;
ssl_certificate_key ...;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
server_name www.example.com;
ssl_certificate ...;
ssl_certificate_key ...;
...
}
The default server for https
requires a valid certificate. Assuming you have a wildcard certificate - most of the ssl_
statements could be moved into the outer block and be inherited by both server blocks. For example:
ssl_certificate ...;
ssl_certificate_key ...;
ssl_...;
server {
listen 80 default_server;
listen 443 ssl default_server;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
server_name www.example.com;
...
}
See this document for more.