I'm trying to redirect all www to non-www domain address. I have installed my LetsEncrypt SSL for non-www domain. non-www domains are working fine. I have configured www to non-www redirection on my Nginx running on Ubuntu server. I have encountered a strange problem. On Windows Firefox and Mac Safari browser, http://www.examplesite.com Code (markup): will redirect to https www.examplesite.com Code (markup): and it says it's a suspicious domain and I need to add exception to proceed. It looks like these two browsers are looking for SSL certificate for www.examplesite.com Code (markup): instead of examplesite.com Code (markup): When I click on add exception and access https://www.examplesite.com Code (markup): , I get 400 bad request page from Nginx. This problem doesn't happen on Chrome, Opera, Edge browsers. Only the two browsers get the redirection bug. What should I do to fix the bug on Safari and Windows Firefox? The domain is from Godaddy. It looks like Android Firefox and Chrome browsers don't experience this bug either. Here are my Nginx configs: /etc/nginx/conf.d/redirect.conf server { server_name www.examplesite.com; rewrite ^/(.*)$ https://examplesite.com/$1 permanent; } Code (markup): /etc/nginx/sites-available/examplesite server { server_name xxx.xx.xxx.xxx examplesite.com www.examplesite.com; location = /favicon.ico { access_log off; log_not_found off; } location /static/ { root /home/ubuntu/examplesite; } location / { include proxy_params; proxy_pass http://unix:/run/gunicorn.sock; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/examplesite.com/fullchain.pem; # man> ssl_certificate_key /etc/letsencrypt/live/examplesite.com/privkey.pem; # m> include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = examplesite.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = www.examplesite.com) { return 301 https://examplesite.com$request_uri; } listen 80; server_name xxx.xx.xxx.xxx examplesite.com www.examplesite.com; return 404; # managed by Certbot } Code (markup):
1- Create a server block for examplesite.com with a 301 redirect to the non-www version. You should configure Nginx to handle requests to examplesite.com and direct them to examplesite.com. 2- Prevent users from accessing examplesite.com in the first place. This can be achieved by explicitly handling HTTPS requests for the www domain and issuing a redirection to the non-www domain. 3- Update your /etc/nginx/sites-available/examplesite configuration file as follows: Redirect all www requests to non-www server { listen 80; server_name www.examplesite.com; return 301 http://examplesite.com$request_uri; } server { listen 443 ssl; server_name www.examplesite.com; ssl_certificate /etc/letsencrypt/live/examplesite.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/examplesite.com/privkey.pem; return 301 https://examplesite.com$request_uri; } server { listen 80; server_name examplesite.com; return 301 https://$host$request_uri; } server { listen 443 ssl; server_name examplesite.com; ssl_certificate /etc/letsencrypt/live/examplesite.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/examplesite.com/privkey.pem; location = /favicon.ico { access_log off; log_not_found off; } location /static/ { root /home/ubuntu/examplesite; } location / { include proxy_params; proxy_pass http://unix:/run/gunicorn.sock; } } Code (markup):