How to ensure www.example.com is redirected to example.com by using Nginx, Gunicorn and Let's Encrypt certificates?

Posted on August 12, 2020

I’m using Gunicorn and Nginx on Ubuntu. I also installed Let’s Encrypt certificates for my example.com and www.example.com with option 2-Redirect to redirect all HTTP to HTTPS. Now I have the issue that the redirection from www.example.com to example.com is not working properly - it seems to me this happens after I installed Let’s Encrypt certificates (but I’m not exactly sure). When entered in the browser:

  • http://www.example.com/ is redirecting to https://www.example.com/
  • https://www.example.com/ stays https://www.example.com/

Here is the Nginx configuration:

server {
    server_name example.com www.example.com;

    location / {
        include proxy_params;
        proxy_pass http://unix:/run/exampleproject.sock;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    server_name example.com www.example.com;
    listen 80;
    return 404; # managed by Certbot
}

I’m really not an Nginx expert, so could you please suggest what to do - how to redirect all www.example.com to example.com and at the same time keep the functionality that HTTP is redirected to HTTPS?

IMO, probably this part managed by Certbot is doing it wrong - it’s just rewriting the whole $host part when redirecting instead of leaving out www:

    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

Because this part is related to Gunicorn and I don’t see what I could do here, but also I’m very far from being a Gunicorn expert to judge that :-)

    location / {
        include proxy_params;
        proxy_pass http://unix:/run/exampleproject.sock;
    }

Thank you!




Hello,

Can you please try to replace the following server block

    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

with

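server {
    listen 443 ssl;

    server_name www.example.com;

    # A TLS listener needs a certificate; these are the paths from the question's config
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    # Send every www request to the bare domain, keeping the path
    rewrite ^/(.*) https://example.com/$1 permanent;
}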

and let me know how it goes?

Please remember to restart Nginx after you make the file changes.

Regards, KFSys

Your understanding is correct. The issue is in the Nginx configuration where the redirection from www.example.com to example.com is not explicitly handled. The current configuration only ensures that all HTTP traffic is redirected to HTTPS, but it does not handle the stripping of the www subdomain.

You need to modify the Nginx configuration to include a rule for redirecting www.example.com to example.com. Here’s how you can adjust your configuration:

1. Update the HTTPS Server Block

Modify the server block that handles SSL (port 443) to redirect www.example.com to example.com. Your SSL server block should look like this:

server {
    server_name www.example.com;

    return 301 https://example.com$request_uri;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
    server_name example.com;

    location / {
        include proxy_params;
        proxy_pass http://unix:/run/exampleproject.sock;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

2. Update the HTTP Server Block

Modify the server block that handles HTTP (port 80) to redirect all traffic to HTTPS and handle the www to non-www redirection:

server {
    if ($host = www.example.com) {
        return 301 https://example.com$request_uri;
    }

    server_name example.com www.example.com;
    listen 80;

    return 301 https://example.com$request_uri; # Redirect all HTTP to HTTPS on non-www
}

3. Check Configuration and Restart Nginx

After making these changes, check your Nginx configuration for syntax errors:

sudo nginx -t

If there are no errors, restart Nginx to apply the changes:

sudo systemctl restart nginx

Explanation:

  • The first SSL server block catches requests to www.example.com over HTTPS and redirects them to example.com.
  • The second SSL server block handles requests to example.com over HTTPS.
  • The HTTP server block redirects all HTTP traffic to HTTPS and handles the www to non-www redirection for HTTP traffic.

With these changes, your Nginx configuration should correctly handle the redirection from www.example.com to example.com while also redirecting all HTTP traffic to HTTPS.
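A check for the end state both answers aim for, as an added example that is not part of the original thread: it follows each of the four URL variants hop by hop and reports whether the chain ends on https://example.com/. The function names are hypothetical, and `question_config` and `answer_config` are constructed models of the question's configuration and of the configuration in the answer above, so the script also runs without network access.

```python
import http.client
from urllib.parse import urlsplit, urljoin

CANONICAL = "https://example.com/"
VARIANTS = ["http://example.com/", "http://www.example.com/",
            "https://www.example.com/", "https://example.com/"]

def live_fetch(url):
    """One HEAD request, redirects not followed: (status, Location or None)."""
    p = urlsplit(url)
    cls = http.client.HTTPSConnection if p.scheme == "https" else http.client.HTTPConnection
    conn = cls(p.netloc, timeout=5)
    try:
        conn.request("HEAD", p.path or "/")
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

def final_url(url, fetch, max_hops=5):
    """Follow redirects hop by hop; return the URL that finally answers."""
    for _ in range(max_hops):
        status, location = fetch(url)
        if status not in (301, 302, 307, 308) or not location:
            return url
        url = urljoin(url, location)
    raise RuntimeError("redirect loop or more than %d hops" % max_hops)

def audit(fetch=live_fetch):
    """True per variant when its chain ends on the canonical HTTPS URL."""
    return {v: final_url(v, fetch) == CANONICAL for v in VARIANTS}

# Constructed model of the question's config: port 80 -> https://$host, 443 serves both names.
def question_config(url):
    p = urlsplit(url)
    if p.scheme == "http":
        return 301, "https://%s%s" % (p.netloc, p.path)
    return 200, None

# Constructed model of the answer's config: port 80 and the www name on
# port 443 both redirect to https://example.com.
def answer_config(url):
    p = urlsplit(url)
    if p.scheme == "http" or p.netloc == "www.example.com":
        return 301, "https://example.com" + p.path
    return 200, None

if __name__ == "__main__":
    print({"question": audit(question_config), "answer": audit(answer_config)})
```

Call `audit()` with no argument from a machine that can reach the site to check the deployed configuration after the restart.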
