NGINX does not redirect to HTTPS, how to fix it?

V

v0384492017-03-20 21:27:07

linux

v038449, 2017-03-20 21:27:07

The bottom line is that the first time you visit the eightrays.com site, you get to the http version, until you manually enter https ... and then it redirects to https even if you specify the

nginx config in the http line

user USSSERR;
worker_processes 3;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
        worker_connections 3072;
        multi_accept on;
}

http {


        #####################################
        add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";

        ##
        # Basic Settings
        ##

        sendfile on;

tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 15;
types_hash_max_size 2048;
server_tokens off;
client_max_body_size 128m;

# server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-stream;

##
# SSL Settings
##

ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;


        ##
        # Logging Settings
        ##

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        ##
        # Gzip Settings
        ##

        gzip on;
        gzip_disable "msie6";

        # gzip_vary on;
        gzip_proxied any;
        gzip_comp_level 2;
        # gzip_buffers 16 8k;
        # gzip_http_version 1.1;
        gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;



        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;


        server {
                listen 80 default_server;
                listen [::]:80 default_server;
                server_name _;
                return 444;
        }

}

site config

server {

        listen 80;
        listen [::]:80;
        server_name mysittte.com www.mysittte.com;

        listen 443 ssl http2;
        listen [::]:443 ssl http2;

        ssl_certificate /etc/letsencrypt/live/mysittte.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/mysittte.com/privkey.pem;


    access_log /home/USSSER/mysittte.com/logs/access.log;
    error_log /home/USSSER/mysittte.com/logs/error.log;

    root /home/USSSER/mysittte.com/public/;
    index index.php;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/run/php/php7.1-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }
}

server {
    listen 80;
    listen [::]:80;
    server_name mysittte.com;

    return 301 https://$server_name$request_uri;
}

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

W

wostex, 2017-03-20
@v038449

and the last server block (where :80) add the www domain too,
and in the server https block remove the lines listen: 80

D

Dmitry Kulik, 2017-03-20
@lnkvisitor

you can also write in the main config

if ($scheme = http) {
    return 301 https://$host$request_uri;
}