Nginx server redirects

So, you got yourself an SSL. Great! Now you want to redirect all traffic to https but without the “www” part. The easiest way is to use htaccess file, but if you are on Nginx that would be a waste of server’s time.

If you would put rewrite rules in htaccess, then the server would check those rules every time for every single url request coming towards your website. Okay, it is not like this is something bad, but there is a way to do it better. You can put those rules inside your ssl configuration file for server to have those rules in advance. To accomplish this you need exactly 3 (three) “server” blocks, no more no less.

1. The first block will redirect all http traffic to non-www https.

server {
    listen 80;
    server_name
	www.domain.com
	domain.com;
    return 301 https://domain.com$request_uri;
}


2. The second block will redirect https-www requests to non-www https.

In order to make this server block working and not to crash nginx, you have to include an ssl configuration right after the redirect part:

server {
    listen 443 ssl;
    server_name domain.com;
    return 301 $scheme://domain.com$request_uri;
	
ssl on;

	ssl_certificate /etc/letsencrypt/live/appname/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/appname/privkey.pem;

	root /srv/users/serverpilot/apps/appname/public;

	access_log /srv/users/serverpilot/log/appname/dev_nginx.access.log main;
	error_log /srv/users/serverpilot/log/appname/dev_nginx.error.log;

	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-SSL on;
	proxy_set_header X-Forwarded-Proto $scheme;

	include /etc/nginx-sp/vhosts.d/appname.d/*.nonssl_conf;
	include /etc/nginx-sp/vhosts.d/appname.d/*.conf;
}


3. The third block will be the final output (https://domain.com) which will handle everything else. Here you can add whatever you might need in your ssl configuration.

server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	server_name
	domain.com

	;

	ssl on;

	ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;

	root /srv/users/serverpilot/apps/appname/public;

	access_log /srv/users/serverpilot/log/appname/dev_nginx.access.log main;
	error_log /srv/users/serverpilot/log/appname/dev_nginx.error.log;

	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-SSL on;
	proxy_set_header X-Forwarded-Proto $scheme;

	include /etc/nginx-sp/vhosts.d/appname.d/*.nonssl_conf;	
        include /etc/nginx-sp/vhosts.d/appname.d/*.conf;
	}

To test your configuration, normally you would do that with nginx -t command. On Serverpilot you have to use this:
nginx-sp -t
If it is successful, then in order to see the changes, you need to restart the nginx:
service nginx restart
or if you run it on a Serverpilot:
service nginx-sp restart

If, by any chance you crashed the website, or something is not working, then you should checked your file paths inside the configuration or something else, because this config is bulletproof.

More from author

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related posts

Latest posts

Winamp is the best music player for Windows PC

Winamp, it really whips the llama's ass! 🙂 The best music player of all time.Old school people should know why. My first music player is...

Preload, DNS Prefetch, Preconnect

Find out what does Preload, DNS Prefetch an Preconnect functions are, how they differ from each other and where to use them.

All in One SEO Pack Pro vs Yoast SEO Pro

The ultimate comparison: All in One SEO pack Pro vs Yoast SEO Pro. Find out which one is the best in the year 2020.