Im new to all this, but how do i redirect my from www to a non-www. I have tried multiple ways to fix it in NGINX but no mater how i change it, there is still a www and an non-www site. The payment gateway is redirected to a non-www website after a transaction.
server {
server_name example.com www.example.com;
location / {
proxy_pass http://123.0.0.1:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/dineshudayan.tech/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/dineshudayan.tech/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name www.example.com;
return 404; # managed by Certbot
}
server {
listen 80;
server_name admin.example.com www.admin.example.com;
location / {
proxy_pass http://123.0.0.1:8000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
}
#richard-smith is right; here's a fully worked example with some comments:
# Your default server - assuming DNS is set up correctly
# will serve http & https requests for any *.example.com
# hosts and redirect to them to https://example.com
server {
listen 80 default_server;
listen 443 ssl default_server;
server_name www.example.com;
ssl_certificate /etc/letsencrypt/live/dineshudayan.tech/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/dineshudayan.tech/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
# redirect all requests to https://example.com
return 301 https://example.com$request_uri;
}
# http server for example.com
# - will redirect requests to https://example.com
server {
listen 80;
server_name example.com;
# redirect all requests to https://example.com
return 301 https://example.com$request_uri;
}
# Your example.com https server
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/dineshudayan.tech/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/dineshudayan.tech/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
Related
I have a MERN stack app that I am trying to put into production.
I am able to get the client side running using NGINX as a reverse proxy to port 3000.
The issue I am having is when I am trying to get a response from my server running on port 5000. This is where I have my API to query against my database.
I believe the issue lies in my server block I have set up for my site. Below is an example for my signin endpoint that I am getting a TIMEOUT from. I have replaced my URL with example.com
server {
root /var/www/example.com/html;
index index.html index.htm index.nginx-debian.html;
server_name example.com www.example.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location /users/signin {
proxy_pass http://localhost:5000/;
proxy_buffering on;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 404; # managed by Certbot
}
Any help would be appreciated. I believe I just need help trying to expose these endpoints properly.
Thanks!
I have an express server running on port 3001 which serves a React app.
Lets say that my domain name is example.com;
What I am trying to achieve is:
The possibility to call https://example.net/api/getUsers
Redirecting from http://1.2.3.4:3001/ with port to https://example.net/
Basically redirecting all HTTP calls (whether as IP or domain) to https://example.net/
Could anyone help with setting up that Nginx config?
This is what I currently have under /etc/nginx/sites-available:
server {
server_name 1.2.3.4:3001;
return 301 https://example.net;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 default_server ssl;
listen [::]:443 default_server ssl;
server_name example.net www.example.net;
return 301 https://example.net$request_uri;
}
server {
listen 80;
server_name example.net www.example.net;
location / {
proxy_pass http://localhost:3001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.net/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.net/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
Looks like your app is returning redirect with Location: http://1.2.3.4:3001/
You can rewrite it with proxy_redirect and reduce redundant stuff.
server {
listen 80 default_server;
return 301 https://example.net$request_uri;
}
server {
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.net/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.net/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
server_name example.net www.example.net;
location / {
proxy_pass http://localhost:3001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_redirect http://1.2.3.4:3001/ $scheme://$host/;
}
}
Yes, you can add the following redirect:
server {
listen 1.2.3.4:3001;
return 301 https://example.net;
}
But note your react app. locally listens on localhost:3001
proxy_pass http://localhost:3001;
so ensure react app. is not listening on 1.2.3.4:3001 socket too.
Otherwise, you will get Address already in use error and nginx will fail to start.
i have nginx config on my server, but i'm facing an issue with the url
if access my domain directly using example.com it works (not secure - i have to redirect to https)
also if i tried to access it directly using www.example.com, it won't work and i got this message
so mainly i have two issues:
redirect non-http to https
and redirect www to non-www
my server running nodejs app
This site can’t be reached www.example.com’s server IP address could not be
found. DNS_PROBE_FINISHED_NXDOMAIN
server {
listen 80;
listen 443 ssl;
server_name www.example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
return 301 $scheme://example.com$request_uri;
}
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
location /api {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
To redirect to https, you should have a server block with all your config and listen 443 ssl; in it, and another server block with config like this one:
server {
return 301 https://$host$request_uri;
server_name example.com
listen 80;
}
The www site is a different domain, you should set the ip address to it in your dns server.
Your config for the www site looks ok
I have an express server running behind nginx reverse proxy and Certbot for certification. All my non-www traffic is redirected to www and https but on google page speed non-www version gives the following error "Lighthouse returned error: NO_FCP"
This is for a new Server deployed on AWS EC2 with nodejs installed.
server {
server_name www.compropertee.com compropertee.com;
location / {
proxy_pass https://localhost:3000/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.compropertee.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.compropertee.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = compropertee.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name compropertee.com;
return 404; # managed by Certbot
}
all non-www and www requests should be working in google speed test.
I am super new to linux environment, and trying to configure a vps server to only allow https requests. I have read nginx documentation and tried various rewrite and return statements, changing server blocks etc. But what I have achieved so far, site serves on http and https both with following config.
What I want to achieve is to configure this subdomain admin.example.com to serve only https requests.
I am editing the config at this location: /etc/nginx/sites-available/default
server {
listen 80;
server_name admin.example.com;
#return 301 https://admin.example.com$request_uri;
location / {
proxy_pass http://localhost:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/admin.byrides.com/fullchain.pem; # man aged by Certbot
ssl_certificate_key /etc/letsencrypt/live/admin.byrides.com/privkey.pem; # m anaged by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
You will need to setup two server directives, one for port 80 which will redirect the traffic to port 443.
server {
listen 80;
server_name admin.example.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
ssl on;
ssl_certificate /etc/letsencrypt/live/admin.byrides.com/fullchain.pem; # man aged by Certbot
ssl_certificate_key /etc/letsencrypt/live/admin.byrides.com/privkey.pem; # m anaged by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
proxy_pass http://localhost:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
}
}