NGINX Redirct All traffic www and non-www http TO https://example.com?

Question

my problem is i want to redirect all traffic https and http , www and non-www TO https://example.com but if I go to my website at https://example.com I get 'your connection is insecure'.

I followed this answer NGINX: redirect non-www https to https://www but it redirects only from http to https and non www to www !

How do I redirect all to https://?

       server
   {
    listen :80;
    server_name example.com www.example.com ;
    access_log /var/log/nginx/domains/example.com.log;
    access_log /var/log/nginx/domains/example.com.bytes bytes;
    error_log /var/log/nginx/domains/example.com.error.log;
    root /home/admin/domains/example.com/public_html;
    index index.php index.html index.htm;
    include /usr/local/directadmin/data/users/admin/nginx_php.conf;
    include /etc/nginx/webapps.conf;

    return 301 https://$host$request_uri;

   }

   server
   {
     listen :443 ssl http2;
    server_name example.com www.example.com ;
    access_log /var/log/nginx/domains/example.com.log;
    access_log /var/log/nginx/domains/example.com.bytes bytes;
    error_log /var/log/nginx/domains/example.com.error.log;
    root /home/admin/domains/example.com/private_html;
    index index.php index.html index.htm;
    ssl_certificate 
    /usr/local/directadmin/data/users/admin/domains/example.com.cert.combined;
    ssl_certificate_key    
    /usr/local/directadmin/data/users/admin/domains/example.com.key;
    include /usr/local/directadmin/data/users/admin/nginx_php.conf;
    include /etc/nginx/webapps.ssl.conf;
    add_header Strict-Transport-Security "max-age=3411" always; 


   open_file_cache max=200000 inactive=20s; 
   open_file_cache_valid 30s; 
   open_file_cache_min_uses 2;
   open_file_cache_errors on;
   client_header_timeout  3m;
   client_body_timeout    10;
   send_timeout           2;

   client_header_buffer_size    1k;
   large_client_header_buffers  4 4k;

   gzip on;
   gzip_min_length 10240;
   gzip_proxied expired no-cache no-store private auth;
   gzip_types text/plain text/css text/xml text/javascript application/x-      
   javascript    application/json application/xml;
   gzip_disable msie6;

   output_buffers   1 32k;
   postpone_output  1460;

   sendfile         on;
   tcp_nopush       on;
   tcp_nodelay      on;
   send_lowat       12000;

   keepalive_timeout 65;
   keepalive_requests 100000;
   reset_timedout_connection  on;

   server_tokens off;

   client_body_buffer_size 128k;

   client_max_body_size 10m;


    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    location ~* \.(txt|log)$ {
        allow 192.168.0.0/16;
        deny all;
    }

    location ~ \..*/.*\.php$ {
        return 403;
    }

    location ~ ^/sites/.*/private/ {
        return 403;
    }

    location ~ ^/sites/[^/]+/files/.*\.php$ {
        deny all;
    }

    location ~* ^/.well-known/ {
        allow all;
    }

    location ~ (^|/)\. {
        return 403;
    }

    location / {
        try_files $uri /index.php?$query_string; # For Drupal >= 7
        if ($allowed_country = no) {
                return 443;
               }
    }

    location @rewrite {
        rewrite ^/(.*)$ /index.php?q=$1;
    }

    location ~ /vendor/.*\.php$ {
        deny all;
        return 404;
    }


    location ~ '\.php$|^/update.php' {
        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
        include fastcgi_params;
        fastcgi_param HTTP_PROXY "";
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param QUERY_STRING $query_string;
        fastcgi_intercept_errors on;
        #fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
    }

    location ~ ^/sites/.*/files/styles/ { # For Drupal >= 7
        try_files $uri @rewrite;
    }

    location ~ ^(/[a-z\-]+)?/system/files/ { # For Drupal >= 7
        try_files $uri /index.php?$query_string;
    }

       location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
        try_files $uri @rewrite;
        expires max;
        log_not_found off;
       }


   }

score 0 · Answer 1 · answered Dec 24 '18 at 13:02

0

you're redirects looks fine but are you sure you have valid ssl certificate for example.com and it is installed properly on your host? the 'your connection is insecure' message usually does not have anything to do with the redirects it is because of certificate problems.

answered Dec 24 '18 at 13:02

user2883215

67
6

yes i sure my ssl is right ! with apache without any problem work but nginx have no ! – Bijan Zand Dec 24 '18 at 13:19
and i use cloudflare – Bijan Zand Dec 24 '18 at 13:21
can you open you're site https://example.com without redirects without any problems? does the error occur only after redirects? can you post nginx access/error logs? – user2883215 Dec 24 '18 at 13:41

score 0 · Answer 2 · answered Dec 26 '18 at 10:29

0

instead of using this:

    return 301 https://$host$request_uri;

use:

    return 301 https://$server_name$request_uri;

answered Dec 26 '18 at 10:29

Kuldeep KD

97
2

NGINX Redirct All traffic www and non-www http TO https://example.com?

2 Answers2