Happy 2023 to all on this list.
Using nginx (1.18.0 on Ubuntu 20.04.5) as proxy to back-end, I have
three sites (a|b|c.example.com) in a fast, reliable production
environment. I have DNS records set up for www.a|b|c.example.com. I
have CertBot set up for only a|b|c.example.com.
To avoid "doubling" the number of sites-available and security scripts,
and to avoid the unnecessary "www." I would like to add something like:
server {
server_name www.a.example.com;
return 301 $scheme://a.example.com$request_uri;
}
but I have tried this in several places, www.a.example.com works, but
does not remove the www prefix, and fails any browser's security checks
(nginx -t is "ok").
Where, in the following config, is the most elegant place to put such a
"return" line? Maybe I'm missing something fundamental?
server {
listen 443 ssl;
[ ... # 4 lines managed by Certbot ... ]
server_name a.example.com; # Note: or b.example.com, or
c.example.com
[ ... logging ... ]
proxy_buffering off;
if ($request_method !~ ^(GET|HEAD|POST)$) {
return 444;
}
location / {
proxy_pass http://192.168.x.y:port;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
if ($host = a.example.com) { # Note: or b.example.com, or
c.example.com
return 301 https://$host$request_uri;
}
listen 80;
server_name a.example.com; # Note: or b.example.com, or
c.example.com
rewrite ^ https://$host$request_uri? permanent;
}
Many thanks -- Paul
\\\||//
(@ @)
ooO_(_)_Ooo__________________________________
|______|_____|_____|_____|_____|_____|_____|_____|
|___|____|_____|_____|_____|_____|_____|_____|____|
|_____|_____| mailto:paul@stormy.ca _|____|____|
_______________________________________________
nginx mailing list
nginx@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx