1

I have been struggling with my Nginx server's .conf file. I am getting a redirection loop error while trying to redirect these urls :

http://example.com
http://www.example.com
https://www.example.com
http://11.111.11.11
https://11.111.11.11

to : https://example.com

So what I am trying to do is to redirect every non-ssl url, www prefixed url and my server's ip address to my domain name. Here is my code :

# redirect ip to domain name
server {
    listen               80;
    listen               443 ssl;
    server_name          11.111.11.11; #server_ip
    ssl_certificate      /etc/letsencrypt/live/mydomain.com/fullchain.pem;
    ssl_certificate_key  /etc/letsencrypt/live/mydomain.com/privkey.pem;

    return 301 $scheme://mydomain.com$request_uri;
}

# HTTP — redirect all traffic to HTTPS
server {
    listen               80;
    listen               443 ssl;
    server_name          www.mydomain.com;
    ssl_certificate      /etc/letsencrypt/live/mydomain.com/fullchain.pem;
    ssl_certificate_key  /etc/letsencrypt/live/mydomain.com/privkey.pem;

    return 301 $scheme://mydomain.com$request_uri;
}

# HTTPS — proxy all requests to the Node app
server {
    # Enable HTTP/2
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name mydomain.com;

    # Use the Let’s Encrypt certificates
    ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;

    # Include the SSL configuration from cipherli.st
    include snippets/ssl-params.conf;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-NginX-Proxy true;
        proxy_pass http://localhost:5000/;
        proxy_ssl_session_reuse off;
        proxy_set_header Host $http_host;
        proxy_cache_bypass $http_upgrade;
        proxy_redirect off;
    }
}
matissev
  • 21
  • 3
  • You could use a default server, [like this, for example](https://stackoverflow.com/questions/43081780/dns-records-redirect-www-to-non-www/43089681#43089681), to redirect everything to your one true domain. – Richard Smith Oct 30 '17 at 18:17

1 Answers1

0

Ok, I searched the web a little these last few days and it seems that the solution below works :

# HTTP — redirect all traffic to HTTPS
server {
    listen 80;
    listen [::]:80 default_server ipv6only=on;
    server_name www.example.com 00.000.00.00; # www and your ip address
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    return 301 https://example.com$request_uri;
}

# HTTPS — proxy all requests to the Node app
server {
    # Enable HTTP/2
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name example.com;

    # Use the Let’s Encrypt certificates
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    # Include the SSL configuration from cipherli.st
    include snippets/ssl-params.conf;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-NginX-Proxy true;
        proxy_pass http://localhost:5000/;
        proxy_ssl_session_reuse off;
        proxy_set_header Host $http_host;
        proxy_cache_bypass $http_upgrade;
        proxy_redirect off;
    }
}

To document this a bit more, I was trying to proxy the nginx server to a nodejs server on port 5000. Also, I used this tutorial to setup the server and the conf file : https://code.lengstorf.com/deploy-nodejs-ssl-digitalocean/#enable-nginx

Hope this will help someone.

matissev
  • 21
  • 3