Force www. and https in nginx.conf (SSL)

ssl nginx https www-mechanize
Ender17 picture Ender17 · Sep 9, 2015 · Viewed 21.5k times · Source

After purchasing a SSL certificate I have been trying to force all pages to secured https and to www.

https://www.exampl.com is working and secure but only if type it in exactly. www.example.com or example.com are still pointing to http.

We use nginx as a proxy and need to input the rewrite there. I have SSH / root access via Putty. I have accessed nginx.conf by inputting into putty.

Now what? Do I input the nginx commands on this page? Starting where the cursor is? Any command lines first?

HTTPS:

.htacess – Original code I was given before I found out I had to input into nginx

RewriteEngine On 
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

Nginx code converter – This is how it shows on the converter. Is everything on the correct lines?

# nginx configuration location / {
if ($http_host ~* "^example.com"){
rewrite ^(.*)$ http://example.com/$1 redirect; } }

and then

WWW

.htacess – Original code I was given before I found out I had to input into nginx

#Force www:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301,NC]

Nginx code converter – This is how it shows on the converter. Is everything on the correct line?

# nginx configuration location / { 
if ($http_host ~* "^example.com"){ 
rewrite ^(.*)$ http://www.example.com/$1 redirect; }

}

Do I then save? Restart?

Any help would be greatly appreciated. I have been battling this for weeks. My Hosting company helped as far as they could, now I am learning on the fly…. Or should I just stop and hire a developer? $$$

Thanks

Answer

Oleg picture Oleg · Sep 9, 2015

The best way to implement WWW and HTTPS redirection is to create a new server section in Nginx config:

server {
    listen      80;   #listen for all the HTTP requests
    server_name example.com www.example.com;
    return      301         https://www.example.com$request_uri;
}

You will also have to perform https://example.com to https://www.example.com redirection. This may be done with code similar to the following:

server {
    listen              443 ssl;
    server_name         example.com;

    ssl_certificate     ssl.crt; #you have to put here...
    ssl_certificate_key ssl.key; #   ...paths to your certificate files
    return      301     https://www.example.com$request_uri;
}

And of course, you must reload Nginx config after each change. Here are some useful commands:

check for errors in the configuration:

sudo service nginx configtest

reload configuration (this would be enough to make changes "work"):

sudo service nginx reload

restart the whole webserver:

sudo service nginx restart

Important note:

All your server sections must be inside http section (or in a file included in http section):

http {
    # some directives ...
    server {
        # ...
    }
    server {
        # ...
    }
    # ...
}

Related questions

What does "SSL_CTX_use_PrivateKey_file" "problems getting password error" indicate in Nginx error log?

I'm trying to set up SSL on Nginx. It doesn't work, and I am getting the following error in the error log, which is getting passed up from the OpenSSL library which nginx was compiled with. I don't know what …

Read More
Nginx does redirect, not proxy

I want to set up Nginx as a reverse proxy for a https service, because we have a special usecase where we need to "un-https" a connection: http://nginx_server:8080/myserver ==> https://mysecureservice But what happens is that the …

Read More
nginx proxy based on host when using https

I need to use Nginx as an SSL proxy, which forwards traffic to different back ends depending on the subdomain. I have seem everywhere that I should define multiple "server {" sections but that doesn't work correctly for SSL. Doing that …

Read More