DigitalOcean

Report this

What is the reason for this report?
Question

Nginx SSL Redirect Domain to Subdomain

Posted on September 27, 2022
Nginx
Jeff Hicks

By Jeff Hicks

Good day,

I am relatively new to this side of development and I am trying to setup domain redirection from, bar.com to foo.bar.com. I bought the domain from GoDaddy and pointed it back to Digital Ocean with NS records.

My DNS records for the site are as follows:

A    *.bar.com
A  foo.bar.com
NS     bar.com ns1.digitalocean.com
NS     bar.com ns2.digitalocean.com
NS     bar.com ns3.digitalocean.com

In /etc/nginx/sites-available/bar:

# Redirect HTTP to HTTPS.
server {
    listen 80;
    listen [::]:80;

    if ($host ~* ^.*bar.com$) {
        return 301 https://foo.bar.com$request_uri;
    }

    server_name "~^.*bar.com$";

    return 404;
}

# Redirect SSL domain to subdomain.
server {
    server_name "^bar.com$";
    return 301 https://foo.bar.com$request_uri;

    listen [::]:443 ssl; # managed by Me
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/icare.invismi.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/icare.invismi.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}


# Handle HTTPS.
server {
    root /var/www/foo_bar/html;
    index index.html index.htm index.nginx-debian.html;

    client_max_body_size 20M;

    server_name "~^.*bar.com$";

    error_page 404 /index.html;

    location / {
    }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/foo.bar.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/foo.bar.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

I expect the following to happen:

http://bar.com -> https://foo.bar.com
http://www.bar.com -> https://foo.bar.com

http://foo.bar.com -> https://foo.bar.com
http://www.foo.bar.com -> https://foo.bar.com

https://bar.com -> https://foo.bar.com
https://www.bar.com -> https://foo.bar.com
https://www.foo.bar.com -> https://foo.bar.com

But only these work:

https://foo.bar.com
http://www.bar.com -> https://foo.bar.com

This one displays the default Nginx page.

http://foo.bar.com

What do I need to change to make these redirects work? I’m not sure what to even look up and I’m not sure if my DNS A-records are the problem, or the sites-available config, or the Certbot SSL config.

Any help would be appreciated.



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
Bobby Iliev
Bobby Iliev
September 27, 2022

Accepted Answer

Hi there,

I believe that the following should work:

# Redirect HTTP to HTTPS.
server {
    listen 80;
    listen [::]:80;

    if ($host = bar.com) {
        return 301 https://foo.bar.com$request_uri;
    } # managed by Certbot
    if ($host = www.bar.com){
        return 301 https://foo.bar.com$request_uri;
     }

    server_name bar.com www.bar.com;

    return 404;
}

# Redirect SSL domain to subdomain.
server {
    server_name www.bar.com bar.com;

    return 301 https://foo.bar.com$request_uri;

    listen [::]:443 ssl; # managed by Me
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/foo.bar.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/foo.bar.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}


# Handle HTTPS.
server {
    root /var/www/foo_bar/html;
    index index.html index.htm index.nginx-debian.html;

    client_max_body_size 20M;

    server_name "~^.*bar.com$";

    error_page 404 /index.html;

    location / {
    }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/foo.bar.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/foo.bar.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

I’ve just tested it out and it seems to be working OK.

Make sure to take a backup of your current config, and also before restarting Nginx, make sure to run an Nginx config test with nginx -t and only if you get Syntax OK then restart Nginx.

Let me know how it goes!

Best,

Bobby

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2025 DigitalOcean, LLC.Sitemap.