Acessing my site using www is not working using AWS Route 53 and NGINX

Question

My site is up and running and can be found on the Internet by typing [domain].com address in the browser.

When I try to access it using www.[domain].com, it return an error (not found).

I'm using Route 53 as a DNS Server with the following configuration:

(Addresses, IP's and tokens are not real)

At my server I have the following configuration (NGINX):

server {
      listen 80 default_server;
    
      root /var/www/domain;
      index index.html index.htm;      
    
      location /api {
            proxy_redirect          http://localhost:3001/  /api;
            proxy_pass_header       Server;
            proxy_set_header        X-Real-IP $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header        X-Scheme $scheme;
            proxy_set_header        Host $http_host;
            proxy_set_header        X-NginX-Proxy true;
            proxy_connect_timeout   5;
            proxy_read_timeout      240;
            proxy_intercept_errors  on;
    
            proxy_pass              http://localhost:3001;
        }
    
        location /graphql {
            proxy_redirect          http://localhost:3001/  /graphql;
            proxy_pass_header       Server;
            proxy_set_header        X-Real-IP $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header        X-Scheme $scheme;
            proxy_set_header        Host $http_host;
            proxy_set_header        X-NginX-Proxy true;
            proxy_connect_timeout   5;
            proxy_read_timeout      240;
            proxy_intercept_errors  on;
    
            proxy_pass              http://localhost:3001;
       }
    
      # Root route
      location = / {
        try_files $uri /app/index.html;
      }
    
      # Any other route default to landing
      location / {
        try_files $uri $uri/ /app/index.html;
      }
    }

I need to make my site working for both [domain].com and www.[domain].com, as well as showing the correct name www.[domain].com/page in the browser does not matter how it was accessed.

Help appreciated.

Answer 1

For me both your bare domain as well as the www domain resolve to the same and apparently correct IP-address: 3.221.4.90

That IP-address is different from what you show in your screenshot.

Both web sites redirect from plain HTTP to HTTPS.

But a HTTPS connection to www results in an error message:

curl -vv https://www.quadfloor.com/

* About to connect() to www.quadfloor.com port 443 (#0)
*   Trying 3.221.4.90...
* Connected to www.quadfloor.com (3.221.4.90) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* Server certificate:
*   subject: CN=quadfloor.com                                 
*   start date: Feb 01 16:54:41 2022 GMT
*   expire date: May 02 16:54:40 2022 GMT
*   common name: quadfloor.com
*   issuer: CN=R3,O=Let's Encrypt,C=US
* NSS error -12276 (SSL_ERROR_BAD_CERT_DOMAIN)
* Unable to communicate securely with peer: requested domain name does not match the server's certificate.
* Closing connection 0
curl: (51) Unable to communicate securely with peer: requested domain name does not match the server's certificate.

Your TLS certificate appears to be only valid for quadfloor.com and not for www.quadfloor.com.

Suggestion: use the certbot --expand option to add www.quadfloor.com to your current certificate.

Additionally, you may need to take a look at your WordPress settings, when I use the curl -k option to ignore certificate errors, I also see a bunch of href="http://3.221.4.90/wp-content/plugins/elementor/... which contains your IP-address rather than website domain name and also mixing https with http content is a bad idea. And I also see links to href="https://3.221.4.90/ and you probably don't have a TLS certificate for a bare IP-address either.