Hi i was config my nginx block to redirect all www to non-www, this is my config:

server {
    listen       80;
    server_name  mysite.com www.mysite.com;
    return       301 https://mysite.com$request_uri;
}

server {
    listen       443 ssl http2;
    server_name  mysite.com;
    root   /usr/share/nginx/html;

    ssl on;
    ssl_certificate /ssl/ssl-bundle.crt;
    ssl_certificate_key /ssl/mysite.key;
    ssl_session_cache shared:SSL:20m;
    ssl_session_timeout 10m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:!DSS;
    ssl_buffer_size 8k;
    ssl_session_tickets off;

    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /ssl/ssl-trusted.crt;
    resolver 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 10s;

    #add_header X-Content-Type-Options "nosniff";

    location / {
        index index.php index.html index.htm;
    try_files $uri $uri/ /index.php?$uri&$args;
    }

    location /internal_data/ {
        internal;
        allow 127.0.0.1;
        deny all;
        }

        location /library/ {
        internal;
        allow 127.0.0.1;
        deny all;
        }

    location ~ \.php$ {
    try_files $uri =404;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    include fastcgi_params;
    }

    location ~* \.(?:ico|css|gif|jpe?g|js|png|svg|svgz|swf)(\?.+)?$ {
        access_log              off;
        log_not_found           off;
        expires                 1y;
    }

location ~ \.(jpe?g|png|gif)$ {
     valid_referers none blocked mysite.com *.mysite.com;
     if ($invalid_referer) {
        return   403;
        }
    }
}

working fine just for non-www to https but not work from www to non-www,
this is result from curl -I http://www.mysite.com :

curl: (6) Couldn't resolve host 'www.mysite.com'

is there any iam miss?
thank you.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Check your DNS settings.
You must have CNAME or A entry “www”.

www A   _your_droplet_ip_

or

www CNAME   domain.com
  • thank you, that its!
    but i can access both https://www.mysite.com and https://mysite.com with HTTPS.
    how to make https://www.mysite.com redirect to https://mysite.com
    thank you.

    • nevermind, solved now with add a block to redirect https with www to non-www
      thank you :)

      • Hello Maszd,
        Can you share the block with us? How did you do that exactly?
        Thanks :)

        • Hi, this is my config:

          server {
              listen       80;
              server_name  domain.com www.domain.com;
              return       301 https://domain.com$request_uri;
          }
          
          server {
              listen       443 ssl http2;
              server_name  www.domain.com;
              return       301 https://domain.com$request_uri;
          
              ssl on;
              ssl_certificate /etc/nginx/ssl/ssl-bundle.crt;
              ssl_certificate_key /etc/nginx/ssl/domain.key;
              ssl_session_cache shared:SSL:20m;
              ssl_session_timeout 60m;
              ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
              ssl_prefer_server_ciphers on;
              ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
              ssl_buffer_size 8k;
              ssl_session_tickets off;
          
              ssl_stapling on;
              ssl_stapling_verify on;
              ssl_trusted_certificate /etc/nginx/ssl/ssl-trusted.crt;
              resolver 8.8.8.8 8.8.4.4 valid=300s;
              resolver_timeout 10s;
          
              #add_header X-Content-Type-Options "nosniff";
          }
          
          server {
              listen       443 ssl http2;
              server_name  domain.com;
              root   /usr/share/nginx/html;
          
              ssl on;
              ssl_certificate /etc/nginx/ssl/ssl-bundle.crt;
              ssl_certificate_key /etc/nginx/ssl/domain.key;
              ssl_session_cache shared:SSL:20m;
              ssl_session_timeout 60m;
              ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
              ssl_prefer_server_ciphers on;
              ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
              ssl_buffer_size 8k;
              ssl_session_tickets off;
          
              ssl_stapling on;
              ssl_stapling_verify on;
              ssl_trusted_certificate /etc/nginx/ssl/ssl-trusted.crt;
              resolver 8.8.8.8 8.8.4.4 valid=300s;
              resolver_timeout 10s;
          
              #add_header X-Content-Type-Options "nosniff";
          
          #        if ($remote_addr != "104.128.84.34") {
          #                return 503;
          #           }
          #           error_page 503 @maintenance;
          #           location @maintenance {
          #                rewrite ^(.*)$ /503.html break;
          #           }
          
              location / {
                  index index.php index.html index.htm;
              try_files $uri $uri/ /index.php?$uri&$args;
              }
          
              location /internal_data/ {
                  internal;
                  allow 127.0.0.1;
                  deny all;
                  }
          
                  location /library/ {
                  internal;
                  allow 127.0.0.1;
                  deny all;
                  }
          
              error_page 401 /401.html;
              location = /401.html {
                  root /usr/share/nginx/error;
                  internal;
              }
          
              error_page 403 /403.html;
              location = /403.html {
                  root /usr/share/nginx/error;
                  internal;
              }
          
              error_page 404 /404.html;
              location = /404.html {
                  root /usr/share/nginx/error;
                  internal;
              }
          
              error_page 500 501 502 503 504 /50x.html;
              location = /50x.html {
                  root /usr/share/nginx/error;
                  internal;
              }
          
              location ~ \.php$ {
              try_files $uri =404;
              fastcgi_pass 127.0.0.1:9000;
              fastcgi_index index.php;
              fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
              include fastcgi_params;
              }
          
              location ~* \.(?:ico|css|gif|jpe?g|js|png|svg|svgz|swf)(\?.+)?$ {
                  access_log              off;
                  log_not_found           off;
                  expires                 1y;
              }
          
              location = /admin.php {
              auth_basic "Restricted";
              auth_basic_user_file conf.d/.htpasswd;
              try_files $uri =404;
              fastcgi_pass 127.0.0.1:9000;
              fastcgi_index index.php;
              fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
              include fastcgi_params;
              }
          
          location ~ \.(jpe?g|png|gif)$ {
               valid_referers none blocked domain.com *.domain.com;
               if ($invalid_referer) {
                  return   403;
                  }
              }
          }
          
Submit an Answer