Dittobox
By:
Dittobox

Excluding subdomains with nginx and 301 redirect to https?

September 19, 2015 1.5k views
LEMP Nginx Security DNS Ubuntu

I recently moved a website from Dreamhost to an Ubuntu LEMP droplet. Much, much faster. This also allowed us to enable HTTPS using our preexisting wildcard certficate. I've setup a redirect to move all incoming traffic on http://[www.]domain.tld:80 to https://[www.]domain.tld:443 like so:

server {
       listen         80;
       server_name    domain.tld www.domain.tld;
       return         301 https://domain.tld$request_uri;
}

This works really well. Too well! I still have a few subdomains hosted at Dreamhost, which are HTTP only. Now any browser that first visits domain.tld always prefixes https:// instead of http://. I understand this working on the explicit www.domain.tld and domain.tld, but why is this 301 redirect being applied by browsers to all subdomains? Is there anyway to do this differently so that unspecified subdomains are not included in the 301?

1 comment
  • How are your subdomains configured in your DNS? If they are CNAMES then there will be a conflict since you moved your main domain.tld to another server (and another IP of course).
    If they ARE CNAMES then you need to change them to A records with the IP address of your previous server so they will resolve to that IP instead of your DO droplet.

1 Answer

This question was answered by @sleepdreaming:

How are your subdomains configured in your DNS? If they are CNAMES then there will be a conflict since you moved your main domain.tld to another server (and another IP of course).
If they ARE CNAMES then you need to change them to A records with the IP address of your previous server so they will resolve to that IP instead of your DO droplet.

View the original comment

  • I have the same problem, but my subdomain is already A record wit the current server IP.

Have another answer? Share your knowledge.