By petehouston
Hi all,
I’ve already had a droplet which previously has been setup with:
- Nginx server
- A domain (example.com)
- Re-route www.example.com to example.com as always.
- Installed and config Let’s Encrypt for both example.com and www.example.com
- All HTTP will be redirected to HTTPS.
So at current state, all will be redirected to https://example.com and it is working fine.
Now, I want to add a subdomain into this droplet. I visit Networking section, add a new A record
sub.example.com. 1800 IN A 123.45.67.89
The ping works fine, it can send the packets.
When I type the address sub.example.com to web browser, I mean plain http://sub.example.com, it just automagically redirects to https://sub.example.com while I haven’t set up anything for SSL.
I also tried to add a virtual host entry for sub.example.com to nginx server, it just keeps redirects to the same route https://sub.example.com.
I added access_log, error_log to nginx server config. No entry added if I visit the sub-domain.
Anyone have idea on this case? I search over Internet but haven’t found any case similar to mine.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
I’m having the same issue.
1. Initial Server Setup with Ubuntu 16.04
1. How to Use SSH Keys with DigitalOcean Droplets
2. Community Post: Updating Ubuntu (14.04) -- Security Updates
2. How to Install Nginx on Ubuntu 16.04
3. How to Set Up Nginx Server Blocks on Ubuntu 16.04
4. How to Install Node.JS on Ubuntu 16.04
Installed in the following order above, all DigitalOcean articles. I’m stuck on #3 because my test subdomain keeps rerouting to https as well. I’ve combed through everything I can think of, from DNS settings to nginx.conf and sites-available/enabled and default_server.
How does your HTTP (80) server block for example.com looks like? Make sure server_name is set only to example.com www.example.com. If there is _ or wildcard entry *.example.com make sure to change it to example.com www.example.com.
This is example how it should look like:
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name example.com www.example.com;
return 301 https://$server_name$request_uri;
}
Setup one block that will serve some static content for sub.example.com.
You can take a look at Server blocks tutorial if it comes to help.
You can share config here so we can look at it.
Heya,
Just an update on an older topic in case anyone finds it
The behavior you’re observing, where http://sub.example.com automatically redirects to https://sub.example.com, even though you haven’t explicitly set up SSL for the subdomain, could be due to a few reasons. Let’s explore these and the steps you can take to troubleshoot and resolve the issue:
1. Check Existing Nginx Configuration
First, carefully review your Nginx configuration files for any global or server-level redirect rules that might be causing this behavior:
- Look for any
return 301 https://$server_name$request_uri;or similar redirect statements in your Nginx config files. - The configuration files are typically located in
/etc/nginx/sites-available/and linked to/etc/nginx/sites-enabled/.
2. HSTS (HTTP Strict Transport Security)
If you have previously visited https://example.com and your server includes an HSTS header, your browser remembers to automatically use HTTPS for all subdomains:
- Check your Nginx configuration for a line like
add_header Strict-Transport-Security "max-age=...";. - If HSTS is set with the
includeSubDomainsdirective, it will apply to all subdomains, includingsub.example.com. - Clearing your browser’s cache or using a different browser/device that hasn’t accessed
example.comyet can help determine if this is the cause.
3. SSL Certificate Configuration
Sometimes, the SSL configuration can cause automatic redirection if it’s set up to include subdomains:
- Check the SSL certificate used for
example.comto see if it’s a wildcard certificate or includessub.example.comas an alternate name.
4. DNS Caching
DNS caching might lead your requests to an old configuration:
- Ensure your DNS records are properly set up for
sub.example.com. - Clear your local DNS cache or wait for the DNS changes to propagate.
5. Client-Side Caching
Browsers often cache 301 redirects aggressively:
- Try accessing
http://sub.example.comusing a different browser or incognito mode to see if the issue persists. - Clear your browser cache.
6. Nginx Virtual Host Configuration for Subdomain
Ensure your Nginx server block for the subdomain is correctly set up:
- Create a separate server block for
sub.example.com. - Do not include SSL configuration or redirection rules in this block if you wish to serve it over HTTP.
Example configuration for sub.example.com:
server {
listen 80;
server_name sub.example.com;
root /path/to/subdomain/root;
index index.html;
# Other necessary configurations
}
7. Nginx and System Logs
- Check the Nginx access and error logs (
/var/log/nginx/access.logand/var/log/nginx/error.log) for any entries related tosub.example.com. - System logs (
/var/log/syslog) may also provide insights.
8. Nginx Reload
After making changes to your Nginx configuration files, reload Nginx to apply them:
sudo nginx -t
sudo systemctl reload nginx
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.