Hello I have this config
server {
listen 82;
server_name myapp.mydomain.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name myapp.mydomain.com
# ... remain of the stuff here
}
Before that I had other websites running in ports: 80, 3000 etc... now when I access http://myapp.mydomain.com automatically redirects me to my app (as is I were invoking port 82) and if I try to access another app running on 3000 port it tries to rewrite the https://myapp.mydomain.com:3000 as well... if I use the ip it works as expected (not the ssl part).
Full config can be found at:
https://gist.github.com/angvp/363f50ff8b8d345126adaf1595cd2523
Any ideas?
Ok after I start digging I had this on my nginx conf:
add_header Strict-Transport-Security max-age=15768000;
This is a security measure but that was causing all the subdomains even on different ports will try always https .. the correct way should be to have different subdomains per vhost per port..
Related
I'd like to redirect one of my domain to another one. Both domains are configured on Digital Ocean where I set up the DNS to point to the IP adresse of the server
nginx
server {
server_name domain1.com;
rewrite ^/(.*)$ http://domain2.com/$1 permanent;
}
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name domain2.com www.domain2.com;
......
}
nginx-t runs fine.
Problems
The address www.domain2.com is working but www.domain1.com is not redirected. What am I missing ?
I cleared the cache of Chrome and Safari and it is fine.
I've got a website sitting behind an Nginx proxy. I've set up Nginx to redirect all traffic from HTTP to HTTPS, like so:
server {
listen 80 default_server;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl default_server;
add_header Strict-Transport-Security "max-age=31536000";
location /api {
include uwsgi_params;
uwsgi_pass api-server:80;
}
location / {
root /web;
}
}
As far as I can tell, this should work. And when I hit my server from multiple locations using curl, I see the permanent redirect I was expecting. But I'm getting reports from some users that they're not getting redirected; instead they're seeing a generic Welcome to nginx! page.
Is there a better configuration I should be using? How can I debug this?
Create separate log files for the http and the https server and see if there are other status code than 301 in the one from the http server.
https://www.nginx.com/resources/admin-guide/logging-and-monitoring/
Yesterday I have changed my domain name hat was foobar.tk and it was running over https. For now, on my new domain foobar.eu I does not have ssl.
I have succeed with redireting using CNAME records while I am not using https, but somehow I cannot redirect https://www.example.tk to http://www.example.eu Chrome says that connection was resset. Firefox says that content cannot be validated,...
For redirection I am using these lines:
server {
listen 443; (note: i have tried with *:443, *:443 ssl, 443 ssl)
server_name www.example.tk; (i have tried with orwithout www.)
return 301 http://www.example.eu$request_uri; (i have tried to redir to $host also where then cname will handle the issue)
}
What works:
http://www.example.tk -> http://www.example.eu using CNAME (and all other subdomains)
What is not working:
https://www.example.tk -> http://www.example.eu
I still can certificates backed-up, so if it can help in some way please tell me.
Thank you
When setting up SSL on Nginx you should use ssl_certificate and ssl_certificate_key directives.
server {
listen 443 ssl;
server_name www.example.tk;
ssl_certificate /path/to/certificate; #.crt, .cert, .cer, or .pem file
ssl_certificate_key /path/to/private/key;
return 301 http://www.example.eu$request_uri;
}
These two files you can get from your Certificate Authority.
Also you should add ssl parameter to listen directive.
I have a node app that is running on port 8989 and it is being port-proxied to 80.
server {
listen 80;
server_name example.com www.example.com;
access_log /var/log/nginx/example.access.log;
location / {
proxy_pass http://127.0.0.1:8989/;
}
}
That works beautifully. But for some reason, the web address automatically goes to www when I type http://example.com into the browser bar. I didn't tell it to do that! haha
I checked the domain settings in my registrar to make sure I didn't stupidly set a www redirect over there. Nothing.
Finally, I looked at the console logs of requests to http://example.com and the response is a 302 moved temporarily. Not sure how that happened, or why.
Where else can I look?
Try rewriting the server name for permanent
server {
server_name www.domain.com;
rewrite ^(.*) http://domain.com$1 permanent;
}
server {
server_name domain.com;
#The rest of your configuration goes here#
}
I would suggest that your 8989 service is issuing the 302 redirect, which is then being relayed by nginx. You should be looking at your 8989 service configuration to determine why it thinks it lives at www.example.com.
I only have an SSL certificate for example.com and want to redirect both http://example.com and http://*.example.com to https://example.com using nginx. I'm aware of it being impossible to redirect subdomains via SSL without a certificate including all the subdomains, but at least, I should be able to redirect users who are typing www.example.com (port 80) to the SSL homepage.
My current nginx config starts as follows:
server {
# This should catch all non-HTTPS requests to example.com and *.example.com
listen 80;
server_name example.com *.example.com;
access_log off;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl;
# Actual server config starts here...
Requesting http://example.com will be redirected properly to https://example.com, whereas http://www.example.com leads to https://www.example.com (and of course, the browser is showing a certificate error). I think it has something to do with the processing order of the server_name values, but I haven't found any information about how to enforce a certain order.
Try to add another server {}
server {
listen 80;
server_name www.example.com
access_log off;
return 301 https://example.com$request_uri;
}
Try:
server_name example.com www.example.com *.example.com;
Taken directly from the Nginx docs.