I have been trying to get this to work for a good amount of days but so far did not succeed. I still get people telling me that they see a "not safe" message when they get to my website by entering "site.nl" i.e. without http(s) and -or www.

What I want is to always enforce https and www. Can anyone help me out and tell me what I am doing wrong?

I hear from people on Safari that it is not working. Not sure if Safari has anything to do with it, when I test this in my FireFox, Chrome, IE, Edge and Opera it does work correctly.

server {
server_name mysite.nl;

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.mysite.nl/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.mysite.nl/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

return 301 $scheme://www.mysite.nl$request_uri;
}




server {
root /var/www/mysite.nl/;
index index.html index.htm index.php;

server_name www.mysite.nl;

location / {
proxy_pass http://localhost:3000/;
}

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header Referrer-Policy "origin";

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.mysite.nl/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.mysite.nl/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
if ($host = www.mysite.nl) {
return 301 https://$host$request_uri;
} # managed by Certbot

if ($host = mysite.nl) {
return 301 https://$host$request_uri;
} # managed by Certbot

server_name mysite.nl www.mysite.nl;
listen 80;
return 301 https://$host$request_uri; # managed by Certbot
}



So basically what I am asking is: How can I redirect anyone who is non-https and -or non-www to https://www.mysite.nl/{anything_that_should_be_here}



Edited 1 time(s). Last edit at 02/08/2021 01:19PM by ometecuthli.