Force www. and https in nginx.conf (SSL)
The following solution seems to be clear and simple, everything defined in one server block. So with this setup I force everything to https://www.domain.tld, so both handlers are here non-HTTPS and non-WWW on HTTPS. There are two IF's but if you don't want to duplicate entire SSL block two times to handle it... this is the way to do it.
server {
listen 80;
listen 443 ssl;
server_name domain.tld www.domain.tld;
# global HTTP handler
if ($scheme = http) {
return 301 https://www.domain.tld$request_uri;
}
# global non-WWW HTTPS handler
if ($http_host = domain.tld){
return 303 https://www.domain.tld$request_uri;
}
}
And even better solution to avoid IF's:
# Redirect all traffic from HTTP to HTTPS
server {
listen 80;
server_name example.com www.example.com;
# Destination redirect base URI
set $RURI https://www.example.com;
location / {return 301 $RURI$request_uri;}
}
# Redirect non-WWW HTTPS traffic to WWW HTTPS
server {
listen 443 ssl;
# NOTE: SSL configuration is defined elsewhere
server_name example.com;
return 301 $scheme://www.$host$request_uri;
}
# MAIN SERVER BLOCK
server {
listen 443 ssl;
# NOTE: SSL configuration is defined elsewhere
server_name www.example.com;
}
The best way to implement WWW and HTTPS redirection is to create a new server
section in Nginx config:
server {
listen 80; #listen for all the HTTP requests
server_name example.com www.example.com;
return 301 https://www.example.com$request_uri;
}
You will also have to perform https://example.com to https://www.example.com redirection. This may be done with code similar to the following:
server {
listen 443 ssl;
server_name example.com;
ssl_certificate ssl.crt; #you have to put here...
ssl_certificate_key ssl.key; # ...paths to your certificate files
return 301 https://www.example.com$request_uri;
}
And of course, you must reload Nginx config after each change. Here are some useful commands:
check for errors in the configuration:
sudo service nginx configtest
reload configuration (this would be enough to make changes "work"):
sudo service nginx reload
restart the whole webserver:
sudo service nginx restart
Important note:
All your server
sections must be inside http
section (or in a file included in http
section):
http {
# some directives ...
server {
# ...
}
server {
# ...
}
# ...
}