How to Redirect HTTP to HTTPS and non-www to www on an Nginx Server
John on May 20, 2020
Redirecting traffic from HTTP to a secure version of your site (HTTPS) is important for a large number of reasons; primarily it is to stop third parties intercepting data between users and the server but it also carries other benefits such as making your site perform better in search engines.
Today we are going to take a look at how to redirect HTTP to HTTPS and non-www to www with Nginx. By the end of this tutorial, you will have secured all traffic on your site and set a single canonical version of your domain.
We will begin by connecting to the server using SSH in a terminal window. You do this by typing ssh followed by your username and the IP of the server:
ssh [email protected]
Enter your password when prompted and you will be logged into the server.
The second step is to open the site configuration file using nano. You will need to use sudo in order to edit the file as files under /etc are typically owned by root:
sudo nano /etc/nginx/sites-available/skillsugar.com
Next, we are going to redirect non-secure requests http (port 80) on www & non-www to https (port 443) www. We achieve this by creating a new server block which will listen on port 80 for requests from example.com and www.example.com. Then we will 301 redirect these requests to https while preserving the request_uri on the domain.
server {
listen 80;
server_name skillsugar.com www.skillsugar.com;
return 301 https://www.skillsugar.com$request_uri;
}
Then we will add another server block below which will listen for https requests that are non-www and redirect them to www while preserving the request_uri.
server {
listen 443 ssl;
server_name skillsugar.com;
return 301 https://www.skillsguar.com$request_uri;
}
The last server block will be your existing one. The here we need to make sure it is listening for ssl requests and the server_name is only looking for www requests to stop conflicting server name warnings from Nginx.
server {
listen 80;
listen [::]:80;
listen 443 ssl;
root /var/www/skillsugar.com/html/public/;
index index.php index.html index.htm index.nginx-debian.html;
server_name www.skillsugar.com;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
}
}
Close and save the file by pressing control + x (ctrl + x on Windows) then pressing y and enter to confirm you want to save the changes.
Test the Nginx Configuration and Apply Changes
The next step is to test the Nginx configuration. We do this to look for any errors before publishing the changes live.
sudo nginx -t
If there are no issues you will get the following message confirming the syntax is ok and the test has been a success. If you get any errors review them and make any corrections by opening the configuration file again and re-running the Nginx test command. Warnings will not break anything but you may want to address them as good practice.
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
To publish the changes reload Nginx by typing the following command.
sudo systemctl reload nginx
To see the changes reload your website. You should see that it is now redirecting all traffic to HTTPS and www.
Here is what your complete Nginx configuration file should look like:
server {
listen 80;
server_name skillsugar.com www.skillsugar.com;
return 301 https://www.skillsugar.com$request_uri;
}
server {
listen 443 ssl;
server_name skillsugar.com;
return 301 https://www.skillsguar.com$request_uri;
}
server {
listen 80;
listen [::]:80;
listen 443 ssl;
root /var/www/skillsugar.com/html/public/;
index index.php index.html index.htm index.nginx-debian.html;
server_name www.skillsugar.com;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
}
}
