Catch-all server_name and default_server usage with multiple ports and custom redirects

Posted by AquaL1te 
I have the following custom default vhost which catches the HTTP traffic and redirects clients to the right web root for e.g. the ACME challenge. Everything else is redirected to HTTPS. I use `server_name _;` here, which is a catch-all, and this vhost is also set as the `default_server` for HTTP (port 80) traffic.

```
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name _;
    include hardening;

    location /.well-known/acme-challenge/ {
        root /var/www/acme-challenge/;
        default_type "text/plain";
    }

    location / {
        return 301 https://$host$request_uri;
    }
}
```

Now I also have this other vhost. The goal of this vhost is to make sure that it's the catch-all for all HTTPS (port 443) traffic and it also (temporarily) redirects traffic from one subdomain to another.

```
server {
    server_name forum.example.com;
    return 302 https://example.com$request_uri;
}

server {
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;
    server_name _;
    ...
}
```

The above vhost does not work as I intend it to. The redirect does not happen as long as the catch-all for the HTTP vhost is active. So to my understanding, the port that's used to listen for the server name does not matter. If something has the catch-all, it catches all. If you introduce 2 catch-alls, things go south.

When I remove the first-mentioned vhost, the redirect works fine. But I do want to retain the functionality of the first vhost, that is, the redirect of HTTP traffic to the right web root for e.g. ACME challenges and the central redirect of all traffic to HTTPS. I don't want to repeat that in every other vhost. How can I implement this while also making sure the redirect from forum.example.com to example.com works?

Hmm, I think I found the issue: I have to add a listen for every port? No other change seems necessary.

```
server {
    listen 80;
    listen 443;
    listen [::]:80;
    listen [::]:443;
    server_name forum.example.com;
    return 302 https://example.com$request_uri;
}

server {
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;
    server_name _;
    ...
}
```
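
How nginx routes a request for forum.example.com under the two configurations in this thread, as an added example (not part of the original posts and not nginx's own code). It is a simplified Python model: only exact `server_name` matches are handled, the `*` (IPv4) and `[::]` (IPv6) listeners are treated as separate sockets, and the function names and block labels are made up for illustration.

```python
# Simplified model of how nginx picks a server block (added example).
# 1. Keep only the blocks listening on the address:port the request arrived on.
# 2. Among those, match the Host header against server_name (exact names only here).
# 3. If none match, use that socket's default_server, else its first block.

# A block with no listen directive gets *:80 when nginx runs as root.
IMPLICIT_LISTEN = [("*", 80, False)]

def server(label, names, listens=None):
    # listens: list of (address, port, is_default_server)
    return {"label": label, "names": names, "listens": listens or IMPLICIT_LISTEN}

def select(servers, addr, port, host):
    def listen_on(s):
        return [l for l in s["listens"] if l[0] == addr and l[1] == port]
    candidates = [s for s in servers if listen_on(s)]
    if not candidates:
        return None  # nothing listens on this socket
    for s in candidates:
        if host in s["names"]:
            return s["label"]
    for s in candidates:
        if any(l[2] for l in listen_on(s)):
            return s["label"]
    return candidates[0]["label"]

def both_families(ports, default=False):
    return [(a, p, default) for p in ports for a in ("*", "[::]")]

# The blocks from the thread; labels are made up for this example.
http_default = server("http-catch-all", ["_"], both_families([80], True))
https_default = server("https-catch-all", ["_"], both_families([443], True))
forum_no_listen = server("forum-redirect", ["forum.example.com"])
forum_all_ports = server("forum-redirect", ["forum.example.com"],
                         both_families([80, 443]))

def routes(servers, host="forum.example.com"):
    return {(a, p): select(servers, a, p, host)
            for a in ("*", "[::]") for p in (80, 443)}

BEFORE = routes([http_default, forum_no_listen, https_default])
AFTER = routes([http_default, forum_all_ports, https_default])

if __name__ == "__main__":
    for title, table in (("before", BEFORE), ("after", AFTER)):
        print(title, table)
```

In the model, the block without `listen` is reachable only on IPv4 port 80; IPv6 port 80 and both 443 sockets fall through to the catch-alls. With a `listen` for every address and port, all four sockets select the redirect block.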