Enable NGinx Webserver for HSTS and www redirect

August 8, 2018
Research
0 Comments
paris

You need to be listing on port 80 then redirect to https:// 443 , then after you can redirect non to www ( or the other way around ) for SEO

Default nginx.conf location is in /etc/nginx/

server {
#Listen on http first and redirect to https://
listen 80 default_server;
listen [::]:80 default_server;
server_name www.domain.com domain.com;
return 301 https://domain.com$request_uri;
}

server {
#Listen on HTTPS:// then redirect non www to www
listen 443 ssl;
server_name www.domain.com;
ssl_certificate /etc/pki/nginx/star2018.pem;
ssl_certificate_key /etc/pki/nginx/wildcard.key;
root /usr/share/nginx/html;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
# Set client body size to 10M.
client_max_body_size 10M;
if ($host = 'domain.com') {return 301 https://www.domain.com$request_uri;}
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

location / {
        index index.php;
        try_files $uri /index.php$is_args$args;

}

error_page 404 /404.html;
    location = /40x.html {
}

error_page 500 502 503 504 /50x.html;
    location = /50x.html {
}
location ~ \.php$ {

        fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;

         fastcgi_index index.php;
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
         include fastcgi_params;


 }

After saving this you need to restart nginx

sudo service nginx restart

Then use : https://hstspreload.org to test

(No Ratings Yet)