
I am trying to redirect www.example.com to https://example.com by adding the first server block, but it doesn't redirect. It has to be redirected permanently to avoid SEO issues and security warnings for the user.

Here is my complete NGINX config file:

<code>
    server {

    listen 80;
    listen 443;
    server_name www.example.com;   
    return 301 $scheme://example.com$request_uri;
    }

    server {       
    listen 80 default_server;

    listen [::]:80 default_server ipv6only=on;       
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;

    root /var/www/html;

    index index.php index.html index.htm;
    server_name example.com;

    #Password protects the test subdomain
    ##  auth_basic "Restricted Content";
    ##  auth_basic_user_file /etc/nginx/.htpasswd;


    # Make site accessible from https://example.com/

    server_name example.com;
    include snippets/ssl-example.com.conf;        
    include snippets/ssl-params.conf;        
    location ~ /.well-known {              
    allow all;
        }       
    location / {    
    try_files $uri $uri/ /index.php$is_args$query_string;
    #try_files $uri $uri/ /index.php?q=$request_uri;                
    # First attempt to serve request as file, then               
    # as directory, then fall back to displaying a 404.             
    # try_files $uri $uri/ =404;              
    # Uncomment to enable naxsi on this location            
    # include /etc/nginx/naxsi.rules
    }  
    error_page 500 502 503 504 /50x.html;  
    location = /50x.html {

    root /usr/share/nginx/html;     
    }
    location ~ [^/]\.php(/|$) {
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    if (!-f $document_root$fastcgi_script_name) {   
    return 404;
    }
    # Mitigate https://httpoxy.org/ vulnerabilities
    fastcgi_param HTTP_PROXY "";
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    include fastcgi_params;
    }      
    location ~ \.php$ {
    #match actual filename with extension or file not found
    #try_files $uri $uri =404;
    include snippets/fastcgi-php.conf;   
    fastcgi_pass unix:/run/php/php7.0-fpm.sock;       
    }

    # deny access to .htaccess files, if Apache's document root   
    # concurs with nginx's one  
    #
    #location ~ /\.ht {
    #       deny all;
    #}

    }
</code>

2 Answers


  1. Chosen as BEST ANSWER

    I finally solved it. By adding both www.example.com and example.com to the Let's Encrypt certificate it suddenly worked.

    I did sudo letsencrypt certonly -a webroot --webroot-path=/var/www/html -d www.example.com,example.com

    So after restarting nginx, the www redirect suddenly worked! I also put the redirect at the bottom and changed the nginx file as below:

    server {
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;
    
    include snippets/ssl-www.example.com.conf;
    include snippets/ssl-params.conf;
    
    root /var/www/html;
    index index.php index.html index.htm;
    
    server_name example.com;
    
    #Password protects the test subdomain
    ##  auth_basic "Restricted Content";
    ##  auth_basic_user_file /etc/nginx/.htpasswd;
    
    location ~ /.well-known {
    allow all;
    }
    location / {
    try_files $uri $uri/ /index.php$is_args$query_string;
    # include /etc/nginx/naxsi.rules
    }
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    root /usr/share/nginx/html;
    }
    location ~ [^/]\.php(/|$) {
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    if (!-f $document_root$fastcgi_script_name) {
    return 404;
    }
    # Mitigate https://httpoxy.org/ vulnerabilities
    fastcgi_param HTTP_PROXY "";
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    include fastcgi_params;
    }
    location ~ \.php$ {
    #match actual filename with extension or file not found
    #try_files $uri $uri =404;
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }
    }
    server {
    listen [::]:80 default_server ipv6only=on;
    listen 80 default_server;
    server_name www.example.com;
    return 301 https://example.com$request_uri;
    }
    

  2. As a minimum, your server block is missing the ssl keyword to enable https on the 443 port and the certificate definitions.

    server {
        listen 80;
        listen 443 ssl;
        ssl_certificate     ...;
        ssl_certificate_key ...;
    
        server_name www.example.com;   
        return 301 $scheme://example.com$request_uri;
    }
    

    If you only have one certificate file for both example.com and www.example.com, the ssl_xxx directives may appear in the surrounding block to be inherited by both server blocks. See this document for more.
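
Added example, not part of either answer: a three-block layout in which every combination of scheme and host ends up at https://example.com with a single 301. It assumes the certificate referenced by the question's snippets/ssl-example.com.conf covers both example.com and www.example.com, and it reuses the webroot path from the question.

```nginx
# Added example. Assumes the certificate referenced by the page's
# snippets/ssl-example.com.conf covers both example.com and www.example.com.

# Plain HTTP, both names: one hop straight to the canonical HTTPS origin.
# Hard-coding https:// (instead of $scheme) avoids a cleartext
# http://www -> http://example.com hop.
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name example.com www.example.com;

    # Keep the webroot ACME challenge reachable over HTTP for renewals.
    location ^~ /.well-known/acme-challenge/ {
        root /var/www/html;
    }
    location / {
        return 301 https://example.com$request_uri;
    }
}

# HTTPS for www: the TLS handshake finishes before nginx can send the 301,
# so this block needs "ssl" on the listen line and a certificate valid for www.
# A bare "listen 443;" makes nginx speak plain HTTP on that port.
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name www.example.com;

    include snippets/ssl-example.com.conf;
    include snippets/ssl-params.conf;

    return 301 https://example.com$request_uri;
}

# Canonical site: the only block that serves content.
server {
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;
    server_name example.com;

    include snippets/ssl-example.com.conf;
    include snippets/ssl-params.conf;

    root /var/www/html;
    index index.php index.html index.htm;
    # The site's existing location blocks (try_files, PHP-FPM) go here unchanged.
}
```

After nginx -t and a reload, a HEAD request (curl -sI) to http://example.com, http://www.example.com and https://www.example.com should each return a 301 whose Location header starts with https://example.com, with no certificate warning on the last one.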
