Want more timely Centmin Mod News Updates?
Become a Member

HTTPS redirect non www to www

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by pesof, Nov 7, 2017.

Tags:
  1. pesof

    pesof New Member

    9
    4
    3
    Oct 3, 2017
    Ratings:
    +4
    Local Time:
    2:49 AM
    1.13.5
    • CentOS Version: CentOS 7 64bit
    • Centmin Mod Version Installed: 123.09beta01
    Hi, I have installed a WordPress website using menu 22 option and activated let's encrypt and everything is working perfectly.
    I used Cloudflare for DNS.
    The problem is I checked some posts to always force the www with https, but all was old kinda.
    I am checking this
    and the resault is
    Code:
    #x# HTTPS-DEFAULT
     server {
     
       server_name mysite.com www.mysite.com;
       return 301 https://www.$server_name$request_uri;
       include /usr/local/nginx/conf/staticfiles.conf;
     }
    
    server {
      listen 443 ssl http2;
      server_name mysite.com www.mysite.com;
    
      include /usr/local/nginx/conf/ssl/mysite.com/mysite.com.crt.key.conf;
      include /usr/local/nginx/conf/ssl_include.conf;
    
      http2_max_field_size 16k;
      http2_max_header_size 32k;
      # mozilla recommended
      ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
      ssl_prefer_server_ciphers   on;
      #add_header Alternate-Protocol  443:npn-spdy/3;
    
      # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header X-Frame-Options SAMEORIGIN;
      #add_header X-Xss-Protection "1; mode=block" always;
      #add_header X-Content-Type-Options "nosniff" always;
      #spdy_headers_comp 5;
      ssl_buffer_size 1369;
      ssl_session_tickets on;
     
      # enable ocsp stapling
      resolver 8.8.8.8 8.8.4.4 valid=10m;
      resolver_timeout 10s;
      ssl_stapling on;
      ssl_stapling_verify on;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      #add_header X-Frame-Options SAMEORIGIN;
      #add_header X-Xss-Protection "1; mode=block" always;
      #add_header X-Content-Type-Options "nosniff" always;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/mysite.com/log/access.log combined buffer=256k flush=5m;
      error_log /home/nginx/domains/mysite.com/log/error.log;
    
      include /usr/local/nginx/conf/autoprotect/mysite.com/autoprotect-mysite.com.conf;
      root /home/nginx/domains/mysite.com/public;
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      #include /usr/local/nginx/conf/cloudflare.conf;
      include /usr/local/nginx/conf/503include-main.conf;
    
      include /usr/local/nginx/conf/wpincludes/mysite.com/wpcacheenabler_mysite.com.conf;
      #include /usr/local/nginx/conf/wpincludes/mysite.com/wpsupercache_mysite.com.conf;
      # https://community.centminmod.com/posts/18828/
      #include /usr/local/nginx/conf/wpincludes/mysite.com/rediscache_mysite.com.conf;
    
      location / {
      include /usr/local/nginx/conf/503include-only.conf;
     
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # for wordpress super cache plugin
      #try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args;
    
      # for wp cache enabler plugin
      try_files $cache_enabler_uri $uri $uri/ $custom_subdir/index.php?$args;
    
      # Wordpress Permalinks
      #try_files $uri $uri/ /index.php?q=$uri&$args;
    
      # Nginx level redis Wordpress
      # https://community.centminmod.com/posts/18828/
      #try_files $uri $uri/ /index.php?$args;
    
      }
    
    location ~* /(wp-login\.php) {
        limit_req zone=xwplogin burst=1 nodelay;
        #limit_conn xwpconlimit 30;
        auth_basic "Private";
        #auth_basic_user_file /home/nginx/domains/mysite.com/htpasswd_wplogin;  
        include /usr/local/nginx/conf/php-wpsc.conf;
       
        # https://community.centminmod.com/posts/18828/
        #include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
    location ~* /(xmlrpc\.php) {
        limit_req zone=xwprpc burst=45 nodelay;
        #limit_conn xwpconlimit 30;
        include /usr/local/nginx/conf/php-wpsc.conf;
       
        # https://community.centminmod.com/posts/18828/
        #include /usr/local/nginx/conf/php-rediscache.conf;
    }
    
      include /usr/local/nginx/conf/wpincludes/mysite.com/wpsecure_mysite.com.conf;
      include /usr/local/nginx/conf/php-wpsc.conf;
     
      # https://community.centminmod.com/posts/18828/
      #include /usr/local/nginx/conf/php-rediscache.conf;
      include /usr/local/nginx/conf/pre-staticfiles-local-mysite.com.conf;
      include /usr/local/nginx/conf/pre-staticfiles-global.conf;
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    

    and added A record of www pointing to the server IP

    but still accessing https://mysite.com doesn't redirects me to https://www.mysite.com
     
  2. eva2000

    eva2000 Administrator Staff Member

    30,606
    6,862
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,297
    Local Time:
    9:49 AM
    Nginx 1.13.x
    MariaDB 5.5
    change top part to this
    Code (Text):
    #x# HTTPS-DEFAULT
     server {
    
       server_name mysite.com www.mysite.com;
       return 302 https://www.mysite.com$request_uri;
       include /usr/local/nginx/conf/staticfiles.conf;
     }
    
    server {
      listen 443 ssl http2;
      server_name www.mysite.com;
    

    Posted at centminmod.com/nginx_domain_dns_setup.html#httpsredirect

    key to testing is using 302 temp redirect first in a private incognito browser session otherwise the problems you can experience may end up being due to browser caching or 301 permanent redirects unless you clear browser cache and reboot local computer(s) and even then some web browsers don't let go of 301 permanent redirect browser cache that willingly :)

    You can test in SSH via curl to check headers for location field (where the redirect goes) using the following commands:
    Code (Text):
    curl -I http://domain.com
    

    Code (Text):
    curl -I http://www.domain.com
    
     
  3. pesof

    pesof New Member

    9
    4
    3
    Oct 3, 2017
    Ratings:
    +4
    Local Time:
    2:49 AM
    1.13.5
    Oh I changed the 301 to 302 and tested in a private mode it workeD! :D
    Should I revert it to 301 now since it worked ? ?
     
    • Like Like x 1
  4. eva2000

    eva2000 Administrator Staff Member

    30,606
    6,862
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,297
    Local Time:
    9:49 AM
    Nginx 1.13.x
    MariaDB 5.5
    up to you, safe bet is sticking with 302 until you're sure