Certbot: nginx config modification uses 301 and not 308

Mumonkan · February 27, 2021, 2:51am

i think it is a potential bug that cerbot will modify nginx configuration files with a 301 for the redirect from http to https, as in this example:

if ($host = foo.example.org) {
        return 301 https://$host$request_uri;
} # managed by Certbot

i feel as though a 308 would be better suited for this, as a 301 will lose the body of a POST when it redirects. this was causing a problem on our server as this (automatically placed) 301 block superceded the 308 we had in place to handle POST bodies.

schoen · February 27, 2021, 3:11am

Hi @Mumonkan,

It might be better to post this on

if you can, although we can also ask the Certbot developers to comment on this here if you would prefer.

_az · February 27, 2021, 3:17am

There's some prior history on this matter:

system · March 29, 2021, 3:17am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Certbot 0.21.1 Release Client dev	1	1953	February 25, 2018
Certbot does not follow 308 redirects Help	8	2012	July 14, 2019
Duplicate [unused] 301 redirect block in initial NGINX config Client dev	4	1205	November 19, 2017
Nginx certbot and redirect http Help	3	683	September 25, 2019
Security issue with redirects added by Certbot's Nginx plugin Client dev	1	5297	February 25, 2018

Certbot: nginx config modification uses 301 and not 308

Related topics