Get the most out of your Centmin Mod LEMP stack
Become a Member

Wordpress SSL non www to www

Discussion in 'Blogs & CMS usage' started by Matt Williams, Apr 28, 2015.

Tags:
  1. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    11:07 AM
    latest
    10
    Hello,
    Having a small issue using SSL with www. I generated the CSR using the www extension, However, when accessing the site, it sends me to the
    Code:
    /usr/local/nginx/html
    instead of
    Code:
    /home/nginx/domains/donmain.com/public
    When I use the non www extension - SSL works just fine and sends me to
    Code:
    /home/nginx/domains/domain.com/public
    where the sites files are.

    Is there something I am missing? Do I need to put the sites files in
    Code:
    /usr/local/nginx/html
    for this to work?


    I'm using beta02
     
  2. eva2000

    eva2000 Administrator Staff Member

    53,558
    12,135
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,678
    Local Time:
    1:07 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    what does your /usr/local/nginx/conf/conf.d/virtual.conf and /usr/local/nginx/conf/conf.d/domain.com.conf contents look like ?
     
  3. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    11:07 AM
    latest
    10
    /usr/local/nginx/conf/conf.d/virtual.conf

    Code:
    server {
    #         listen   80;
                listen   80 default_server backlog=256;
                server_name s1.domain.com;
                root   html;
    
            access_log              /var/log/nginx/localhost.access.log     main bu$
            error_log               /var/log/nginx/localhost.error.log      error;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
    # limit_conn limit_per_ip 16;
    # ssi  on;
    
                location / {
    
    # block common exploits, sql injections etc
    #include /usr/local/nginx/conf/block.conf;
    
    #               Enables directory listings when index file not found
    #               autoindex  on;
    
    #               Shows file listing times as local time
    #               autoindex_localtime on;
    
    #               Enable for vBulletin usage WITHOUT vbSEO installed
    #               try_files               $uri $uri/ /index.php;
    
                }
    
            # example nginx-http-concat
            # /csstest/??one.css,two.css
            #location /csstest {
            #concat on;
            #concat_max_files 20;
            #}
    
    include /usr/local/nginx/conf/phpmyadmin.conf;
    include /usr/local/nginx/conf/staticfiles.conf;
    include /usr/local/nginx/conf/php.conf;
    #include /usr/local/nginx/conf/phpstatus.conf;
    include /usr/local/nginx/conf/drop.conf;
    #include /usr/local/nginx/conf/errorpage.conf;
    
           }
    
    /usr/local/nginx/conf/conf.d/domain.com.conf

    Code:
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    
    # redirect from non-www to www
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    #server {
    #            listen   80;
    #            server_name domain.com;
    #            return 301 https://www.domain.com$request_uri;
    #       }
    
    server {
      server_name domain.com www.domain.com;
      return 302 https://www.$server_name$request_uri;
    
    }
    
    # https SSL SPDY vhost
    server {
            listen 443 ssl spdy;
                server_name domain.com;
    
            ssl_dhparam /usr/local/nginx/conf/ssl/ssl/dhparam.pem;
            ssl_certificate      /usr/local/nginx/conf/ssl/ssl/ssl-unified.c$
            ssl_certificate_key  /usr/local/nginx/conf/ssl/ssl/ssl.key;
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
            ssl_session_cache      shared:SSL:10m;
            ssl_session_timeout  10m;
            ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:E$
            ssl_prefer_server_ciphers   on;
            add_header Alternate-Protocol  443:npn-spdy/3;
            add_header Strict-Transport-Security "max-age=31536000; includeSubdomai$
            #add_header  X-Content-Type-Options "nosniff";
            #add_header X-Frame-Options DENY;
            # nginx 1.5.9+ or higher
            # http://nginx.org/en/docs/http/ngx_http_spdy_module.html#spdy_headers_$
            # http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_buffer_size
            # spdy_headers_comp 0;
            # ssl_buffer_size 4k;
    
            # enable ocsp stapling
            #resolver 8.8.8.8;
            #ssl_stapling on;
            #ssl_stapling_verify on;
            #ssl_trusted_certificate /usr/local/nginx/conf/ssl/domaincom/ssl-truste$
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
    # limit_conn limit_per_ip 16;
    # ssi on;
    
    access_log /home/nginx/domains/domain.com/log/access.log combined buffer=256k $
    error_log /home/nginx/domains/domain.com/log/error.log;
    
    root /home/nginx/domains/domain.com/public;
    
    include /usr/local/nginx/conf/wpsupercache_domain.com.conf;
    
    location / {
    # Enables directory listings when index file not found
    #autoindex on;
    
    try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $u$
    
    }
    
    location ~* /(wp-login\.php) {
        limit_req zone=xwplogin burst=1 nodelay;
        auth_basic "Private";
        auth_basic_user_file /home/nginx/domains/domain.com/htpasswd_wplogin;
        include /usr/local/nginx/conf/php.conf;
    }
    
    location ~* /(xmlrpc\.php) {
        limit_req zone=xwplogin burst=2 nodelay;
        include /usr/local/nginx/conf/php.conf;
    }
    
    include /usr/local/nginx/conf/wpsecure_domain.com.conf;
    include /usr/local/nginx/conf/php.conf;
    include /usr/local/nginx/conf/staticfiles.conf;
    include /usr/local/nginx/conf/drop.conf;
    #include /usr/local/nginx/conf/errorpage.conf;
    }
    
    
     
    Last edited: Apr 28, 2015
  4. eva2000

    eva2000 Administrator Staff Member

    53,558
    12,135
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,678
    Local Time:
    1:07 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    it's because your SSL server context server_name only makes room for non-www version of domain and not the www you set as primary 302 redirect

    change
    Code:
    server {
            listen 443 ssl spdy;
                server_name domain.com;
    to
    Code:
    server {
            listen 443 ssl spdy;
                server_name www.domain.com;
     
  5. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    11:07 AM
    latest
    10
    ugh - that simple huh lol! Jees... I didn't even think to change that

    Thanks George!
     
  6. eva2000

    eva2000 Administrator Staff Member

    53,558
    12,135
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,678
    Local Time:
    1:07 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    easy to miss.. probably why my domains are all non-www these days - much easier :D
     
  7. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    11:07 AM
    latest
    10
    Hey George,
    What would I use for https non www to redirect to https www?

    Example:
    non www -
    Code:
    https://domain.com
    - Gives SSL warning
    With www SSL -
    Code:
    https://www.domain.com
    - shows everything fine

    so How do I redirect non SSL www to www SSL ?
     
  8. eva2000

    eva2000 Administrator Staff Member

    53,558
    12,135
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,678
    Local Time:
    1:07 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Problem with domain resolve | Page 2 | Centmin Mod Community

    just reverse that i think

    Code:
    server {
      listen 443 ssl spdy;
    
    SNIPPED REST
    
      root /home/nginx/domains/sslspdy.com/public;
    
         ## redirect nowww to www
          if ($host = 'sslspdy.com' ) {
             return 302 https://www.$server_name$request_uri;
          }
    
      location / {
     
  9. eva2000

    eva2000 Administrator Staff Member

    53,558
    12,135
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,678
    Local Time:
    1:07 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    or have a 3rd server context

    Code:
    server {
            listen 443 ssl spdy;
      server_name domain.com;
      return 302 https://www.$server_name$request_uri;
    
    }
     
  10. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    11:07 AM
    latest
    10
    None of those options worked unfortunately :=(
    Works great like:
    Code:
    https://www.domain.com
    typing that in the URL bar

    Typing
    Code:
    https://domain.com
    shows the SSL warning even after applying the changes you suggested and it doesn't redirect to
    Code:
    https://www.domain.com
     
  11. eva2000

    eva2000 Administrator Staff Member

    53,558
    12,135
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,678
    Local Time:
    1:07 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    ssl warning is ssl cert related i think, make sure ssl cert covers both www and non-www domains.

    reissue ssl cert with csr with common name non-www as ssl certs then usually work for non-www + www
     
  12. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    11:07 AM
    latest
    10
    I did that and it still doesn't work lol! When I re-issued it for non www, I installed it and works fine without www but shows warning with www - even if I setup the redirect. It's almost like you have to have 2 SSL's for this - 1 for www and one for non www - I can't find anything in Google either :=(
     
  13. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    11:07 AM
    latest
    10
    I purchased the SSL from namecheap - always worked with/without non www but this is the first time working with it in nGinx w/ SPDY and I can't get it to work right...
     
  14. eva2000

    eva2000 Administrator Staff Member

    53,558
    12,135
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,678
    Local Time:
    1:07 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    what does revised nginx vhost look like now ?
     
  15. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    11:07 AM
    latest
    10
    Well, The issue was that I didn't have
    Code:
    # https SSL SPDY vhost
    server {
            listen 443 ssl spdy;
                server_name www.domain.com domain.com;
    
    I only had:
    Code:
    server_name www.domain.com
    So when I added:

    Code:
    server_name www.domain.com domain.com
    Both the non www and the www servers names, it worked fine. Again, something so small that I over looked.

    I feel like an idiot lol!