-1

Update: culprit identified:

On the 4th to last line, ssl should be removed. Not sure why. If anybody can explain why, please add your answer. Thank you!

Target system info:

  • I'm on Debian 10, Buster, using nginx 1.42, certbot latest-stable, and php 7.3.
  • There are two domain names served on the same ip address and ports; so, example.com and example1.com (example.com.conf is seen below).
  • Everything is raw, out-of-the-box: nginx.conf is unaltered, php's config files are unaltered. Other than LEMP and Certbot, nothing has been installed.

Unwanted behavior:

WolfPack'08@NV89501:/# curl www.example.com
curl: (52) Empty reply from server
WolfPack'08@NV89501:/# curl http://example.com
curl: (52) Empty reply from server
WolfPack'08@NV89501:/# curl http://www.example.com
curl: (52) Empty reply from server
WolfPack'08@NV89501:/# curl https://www.example.com
WolfPack'08@NV89501:/# curl https://example.com
<!DOCTYPE html>

Best attempt, site-specific config: see comment (###):

server {
    set $base /var/www/example.com;
    root $base/public;
    access_log /var/log/nginx/example.com/access.log;
    error_log /var/log/nginx/example.com/error.log;

    index index.php;
    server_name www.example.com example.com;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.3-fpm.sock;
    }

    listen [::]:443 ssl http2;
    listen 443 ssl http2;
    server_name www.example.com example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}

### SECTION INTENDED TO HANDLE WWW-to-NON_WWW REDIRECTS: ###
server {
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    }
    if ($host = example.com) {
        return 301 https://$host$request_uri;
    }
    listen [::]:80;
    listen 80 ssl;  ### REMOVE SSL HERE TO FIX. ###
    server_name example.com www.example.com;
    return 301 https://example.com$request_uri;
}

Other stuff I've tried:

  • Putting the 301 in other places (such as at the top, under index index.php;).
  • Using 302's rather than 301's.
  • Removing listen 80 ssl;.
  • Using return 301 https://$host$request_uri; rather than example.com.
  • Deleting all of the other symlinks from sites-enabled.

Of course, I restart nginx each time, and I'm getting no errors.

Wolfpack'08
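
The fix in the update follows from what the ssl parameter on listen does: it makes nginx expect a TLS handshake on every connection accepted on that socket, which a plain HTTP request to port 80 does not provide. The checker below is an added example, not part of the original post; its sample text is constructed from the listen lines in the question, and the port sets and function names are assumptions.

```python
import re

# Constructed sample: the redirect and HTTPS listen lines from the question.
SAMPLE = """
server {
    listen [::]:80;
    listen 80 ssl;
    server_name example.com www.example.com;
    return 301 https://example.com$request_uri;
}
server {
    listen [::]:443 ssl http2;
    listen 443 ssl http2;
    server_name www.example.com example.com;
}
"""

LISTEN_RE = re.compile(r"^[ \t]*listen[ \t]+([^;#]+);", re.MULTILINE)
PLAINTEXT_PORTS = {80}  # assumption: ports expected to carry plain HTTP
TLS_PORTS = {443}       # assumption: ports expected to carry HTTPS


def parse_listen(args):
    """Return (port, flags) for the arguments of one listen directive."""
    address, *flags = args.split()
    if address.startswith("unix:"):
        return None, set(flags)          # UNIX sockets have no port
    m = re.search(r"(\d+)$", address)
    # A bare address such as 127.0.0.1 or [::1] means nginx's default port 80.
    has_port = m and (address.isdigit() or ":" in address)
    return (int(m.group(1)) if has_port else 80), set(flags)


def check_listen(config):
    """Return (line_no, directive, problem) for each port/ssl mismatch."""
    findings = []
    for m in LISTEN_RE.finditer(config):
        port, flags = parse_listen(m.group(1))
        line_no = config.count("\n", 0, m.start(1)) + 1
        directive = "listen " + " ".join(m.group(1).split()) + ";"
        if port in PLAINTEXT_PORTS and "ssl" in flags:
            findings.append((line_no, directive, "ssl set on a plain-HTTP port"))
        elif port in TLS_PORTS and "ssl" not in flags:
            findings.append((line_no, directive, "ssl missing on an HTTPS port"))
    return findings


if __name__ == "__main__":
    for line_no, directive, problem in check_listen(SAMPLE):
        print(f"line {line_no}: {directive}  <- {problem}")
```

Run it over each file in sites-enabled before reloading; an empty result means every listen line matches the protocol expected on its port.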

1 Answer

0

Try the configuration below. It basically redirects HTTP traffic to HTTPS for the defined domains and handles HTTPS only for www.example.com example.com;

server {
  listen 80 default_server;
  server_name _;
  return 301 https://example.com$request_uri;
}

server {
  listen 80;
  server_name www.example.com;
  return 301 https://$host$request_uri;
}

server {
  listen 80;
  server_name example.com;
  return 301 https://$host$request_uri;
}



server {
  listen 443 ssl http2 default_server;
  server_name www.example.com example.com;

  set $base /var/www/example.com;
  root $base/public;

  access_log /var/log/nginx/example.com/access.log;
  error_log /var/log/nginx/example.com/error.log;
  index index.php;

  server_name www.example.com example.com;

  location / {
    try_files $uri $uri/ /index.php?$args;
  }

  location ~ \.php$ {
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/run/php/php7.3-fpm.sock;
  }


  ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
  include /etc/letsencrypt/options-ssl-nginx.conf;
  ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}

You must reload the Nginx configs after adding the above configs, and test in a private window in Chrome and Firefox (better to test with this curl command: curl --head http://zzz).

Al-waleed Shihadeh
  • This config did not work, and there is no explanation. That being said, I appreciate the effort. – Wolfpack'08 Mar 08 '20 at 08:07
  • I can't at you. Honestly, I had to give up on it after I figured out how to fix it. I'll be back at it before the end of the month and let you know what the issues are and get your answer lined up for acceptance. – Wolfpack'08 Mar 11 '20 at 11:48