CODEWITHSUNDEEP
httpnginxhttps
betatester
betatester

Reputation: 11

nginx redirect all http to https

I am trying to redirect all website traffic to https://example.com. I want:

https://example.com
https://www.example.com
http://example.com
http://www.example.com
example.com
www.example.com

to all redirect to `https://example.com`

Right now, if I directly type in https://example.com, it works.

However, if I type in the non-SSL example.com or www.example.com or http://example.com or http://www.example.com, I get this error:

This site can’t be reached
vinnect.com refused to connect.
Search Google for vinnect
ERR_CONNECTION_REFUSED

I believe I need to fix my nginx, which is below. 

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                  '$status $body_bytes_sent "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for"';

access_log  /var/log/nginx/access.log  main;

sendfile            on;
tcp_nopush          on;
tcp_nodelay         on;
keepalive_timeout   65;
types_hash_max_size 2048;

include             /etc/nginx/mime.types;
default_type        application/octet-stream;

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;

index   index.html index.htm;

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name example.com www.example.com;
    return 301 https://$host$request_uri;

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # 
managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # 
managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



# Redirect non-https traffic to https
# if ($scheme != "https") {
#     return 301 https://$host$request_uri;
# } # managed by Certbot

}

}

Upvotes: 1

Views: 4194

Answers (1)

mohessaid
mohessaid

Reputation: 390

In your code, you have to separate the two servers. Put the port 80 or http in a server clause and https in another server clause. The redirection will happen because of the return 301 https://$host$request_uri; line. And it should be in the http section not in the https. Looking at your configuration I noticed the three last lines that are checking for non https request and using the same method to redirect the user back to https. I never tried it, but it might work because the Cerbot guys know what they are doing.

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                  '$status $body_bytes_sent "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for"';

access_log  /var/log/nginx/access.log  main;

sendfile            on;
tcp_nopush          on;
tcp_nodelay         on;
keepalive_timeout   65;
types_hash_max_size 2048;

include             /etc/nginx/mime.types;
default_type        application/octet-stream;

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;

index   index.html index.htm;

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name example.com www.example.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # 
    managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # 
    managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



    # Redirect non-https traffic to https
    # if ($scheme != "https") {
    #     return 301 https://$host$request_uri;
    # } # managed by Certbot
}
}

}

Upvotes: 1

Related Questions