Nginx server block not redirecting http to https

Help
1

Hello! I am running two sites from a single DigitalOcean droplet using Nginx. One site is working fine. The other is not redirecting http to https. I used Certbot on both and chose the option to redirect http to https for both but the server code looks different. I have tried a few changes based on the code in the working server but nothing has solved the issue.

The working site is screamingfemalestourarchive.com/ and the one that is not redirecting is gardenpartyfest.com/. The server blocks are below.

# gardenpartyfest.com
server {
   listen 8080;
   listen [::]:8080;

   server_name gardenpartyfest.com www.gardenpartyfest.com

   root /var/www/fest/html;
   index index.html;

   location / {
       try_files $uri $uri/ =404;
   }

   listen [::]:443 ssl; # managed by Certbot
   listen 443 ssl; # managed by Certbot
   ssl_certificate /etc/letsencrypt/...; # managed by Certbot
   ssl_certificate_key /etc/letsencrypt/...; # managed by Certbot
   include /etc/letsencrypt/...; # managed by Certbot
   ssl_dhparam /etc/letsencrypt/...; # managed by Certbot
}

# screamingfemalestourarchive.com
server {
   root /var/www/html;

   index index.html index.htm index.nginx-debian.html;
 
   server_name screamingfemalestourarchive.com www.screamingfemalestourarchive.com;

   location / {
       proxy_pass http://localhost:3001;
       proxy_http_version 1.1;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection 'upgrade';
       proxy_set_header Host $host;
       proxy_cache_bypass $http_upgrade;
     }

   listen [::]:443 ssl ...; # managed by Certbot
   listen 443 ssl; # managed by Certbot
   ssl_certificate /etc/letsencrypt/...; # managed by Certbot
   ssl_certificate_key /etc/letsencrypt/...; # managed by Certbot
   include /etc/letsencrypt/...; # managed by Certbot
   ssl_dhparam /etc/letsencrypt/...; # managed by Certbot
}

server {
   if ($host = www.screamingfemalestourarchive.com) {
       return 301 https://$host$request_uri;
   } # managed by Certbot

   if ($host = screamingfemalestourarchive.com) {
      return 301 https://$host$request_uri;
   } # managed by Certbot

   listen 80 default_server;
   listen [::]:80 default_server;

   server_name screamingfemalestourarchive.com www.screamingfemalestourarchive.com;
   return 404; # managed by Cerbot
}
2

Hello @JarrettD5309, welcome to the Let's Encrypt community. :slightly_smiling_face:

Using this online tool https://www.redirect-checker.org/ I am seeing the same type of redirection for both domains. Can you supply more details to the issue you observe?

image
image705×939 53.1 KB

image
image690×988 52.7 KB

image
image663×914 46.1 KB

image
image629×892 44.3 KB

image
image657×945 49.3 KB

image
image656×934 49 KB

image
image638×892 44.2 KB

image
image648×890 44.3 KB

1 Like
3

Hey @Bruce5051 ! I just made a change that is fixing the issue but I honestly am unsure why! The fix that worked was to add the following in the server file that includes the information for screamingfemalestourarchive.com.

if ($host = www.screamingfemalestourarchive.com) {
       return 301 https://$host$request_uri;
   } # managed by Certbot

   if ($host = screamingfemalestourarchive.com) {
      return 301 https://$host$request_uri;
   } # managed by Certbot

if ($host = www.gardenpartyfest.com) {
       return 301 https://$host$request_uri;
   } # managed by Certbot

   if ($host = gardenpartyfest.com) {
      return 301 https://$host$request_uri;
   } # managed by Certbot

Any idea why the screamingfemalestourarchive.com file was jumping in the way and serving the 404 page? Is there a way to include the code to redirect in the gardenpartyfest.com file instead to keep the logic separated?

4

Your server block for gardenpartyfest had a listen for port 8080 (and 443)

Your server block for screamingfemalestour was port 80 (standard HTTP) only

So, all HTTP requests went to your port 80 server block. Since you had just one HTTP block it became the default for all requests.

You would be better off changing gardenpartyfest to have a server block just for port 80 and use the existing one as your port 443 server. But, that's up to you.

4 Likes
5

@MikeMcQ Can you explain what you mean by "...and use the existing one as your port 443 server"? I'm not sure what the port 443 server is doing exactly. Thanks for your help!

1 Like
6

Port 443 is for HTTPS so handles those requests. Port 80 is for HTTP requests.

I was referring to the above server block. Note it has a listen clause for 8080 and two listen's for 443 (one for IPv4 and one for IPv6). 8080 is a non-standard port which can be used but you don't seem to be here. The server_name and listen port is how nginx selects which server block processes which request. A request whose name matches the server_name and arrives on that port gets done by that server block. There are more complicated options but this is most basic (see nginx.org docs).

I was suggesting remove the listen for port 8080 which leaves it only listening on port 443 so it becomes your HTTPS server block for that domain.

Then, setup an HTTP (port 80) server block for gardenpartyfest. There are various ways but the clearest is to make a new server block modeled on your one for screaming. This would then handle redirects for this domain from http to https.

Each domain then has two server blocks one for HTTP and one for HTTPS.

5 Likes
7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.