Nginx ssl force www to redirect to non www domain -
i trying set nginx redirect www.example.com , https://www.example.com requests https://example.com. here config:
server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name example.com; root /var/www/domain.com/system/nginx-root; ssl_certificate /home/user/.acme.sh/example.com/fullchain.cer; ssl_certificate_key /home/user/.acme.sh/example.com/domain.com.key; include /var/www/example.com/system/files/ssl-params.conf; location / { proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for; proxy_set_header x-forwarded-proto $scheme; proxy_set_header x-real-ip $remote_addr; proxy_set_header host $http_host; proxy_pass http://127.0.0.1:2368; } location ~ /.well-known { allow all; } client_max_body_size 50m; } here contents of ssl-params.conf file:
ssl_protocols tlsv1 tlsv1.1 tlsv1.2; ssl_prefer_server_ciphers on; ssl_ciphers 'ecdhe-ecdsa-chacha20-poly1305:ecdhe-rsa-chacha20-poly1305:ecdhe-ecdsa-aes128$ ssl_ecdh_curve secp384r1; # requires nginx >= 1.1.0 ssl_session_cache shared:ssl:10m; ssl_session_tickets off; # requires nginx >= 1.5.9 ssl_stapling on; # requires nginx >= 1.3.7 ssl_stapling_verify on; # requires nginx => 1.3.7 resolver 8.8.8.8 8.8.4.4 valid=300s; resolver_timeout 5s; add_header strict-transport-security "max-age=63072000; includesubdomains; preload"; add_header x-frame-options sameorigin; add_header x-content-type-options nosniff; ssl_dhparam /var/www/example.com/system/files/dhparam.pem; i can access example.com , https://example.com when try www.example.com , https://www.example.com your connection not private error in chrome , site blocked.
can me this?
edit:
i added server block , did not help:
server { listen 80; listen 443 ssl; server_name www.example.com; ssl_certificate /home/user/.acme.sh/example.com/fullchain.cer; ssl_certificate_key /home/user/.acme.sh/example.com/example.com.key; include /var/www/example.com/system/files/ssl-params.conf; return 301 https://example.com$request_uri; }
Comments
Post a Comment