I have an nginx server running. I want it to redirect http://www.example.com
to https://www.example.com
, but not touch any other subdomains like http://foo.example.com
.
For some reason, no matter what I add in the subdomain, it still gets rerouted. My webpage shows on www.example.com (as it should), but also on foo.example.com and example.com (as it shouldn’t)
This is my example.com config file:
server {
listen 80;
server_name www.example.com;
# For debug
add_header X-debug-message "listen:80, server_name:www.example.com, redirect:https://$host$request_uri" always;
# Riderect
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name www.example.com;
# For debug
add_header X-debug-message "listen:443, server_name:www.example.com, redirected:https://$host$request_uri" always;
# SSL
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
root /var/www/example.com;
# Redirect
location / {
proxy_pass http://192.168.1.224:80;
}
}
Going to www.example.com
shows me my webpage as expected. But going to foo.example.com
also gives me my webpage – which it shouldn’t. example.com
also gives me the webpage.
Opening www.example.com
in my browser, I see the following http header (as expected):
X-debug-message: DEBUG: listen:443, server_name:www.example.com, redirected:https://www.example.com/
Opening foo.example.com
in my browser, I see the following http header (not as expected):
X-debug-message: DEBUG: listen:443, server_name:www.example.com, redirected:https://foo.example.com/
How can I make my nginx only redirect www.example.com
?
3
Answers
Thank you for all the comments!
For other readers, and future reference, this is now my enlightened understanding.
nginx treats the first entry in it's enabled-sites conf as a default route. Thus, the first entry
is in fact treated as
So, my mistake, was to add
*.example.com -> MyIP
to my DNS, and assuming nginx would just404
all routes I didn't explicitly define. When in fact, it looks for a route that matchesfoo.example.com
, and if it doesn't, routes it to the default route.So, I now changed my DNS to explicitly handle all subdomains I want routed, and I list all of them explicitly in nginx.
Now - how I achieve my original plan - to just route
*.example.com
to my IP, and have nginx404
all requests except the ones I excplicitly define - I still don't understand.Explicitly routing all subdomains in the DNS is a bit less flexible, as I need to update the DNS and wait for the change to propagate if I want to test a new service internally. But, I guess that is fine for now.
Ensure that the dns record for foo.yourdomain.com is actually created with
dns provider
Create a second server block for the subdomain ‘foo.example.com’
otherwise all request to port 80
will be redirected to available server block, which in your case
http://www.example.com – the server block should look like this:
Add ssl certificate to the foo.example.com with the command:
Restart nginx and recheck foo.example.com again
You need to make the first entry listen on 443 for HTTPS and server name
_
and return 404.By having the typical HTTP to HTTPS redirect in the file (I have it as the last entry):
Then all HTTP requests get converted to the HTTPS counterparts. Then, if you request a subdomain that has not been configured in the NGINX configuration file, it will default to the first entry which returns a 404. All other configured subdomains, and the root domain, if you have that as an entry, will resolve correctly.
Also you can keep your wildcard DNS, which is more practical than having to add each subdomain as an entry, as you point out in your answer.