0

My site is up and running and can be found on the Internet by typing [domain].com address in the browser.

When I try to access it using www.[domain].com, it return an error (not found).

I'm using Route 53 as a DNS Server with the following configuration:

enter image description here

(Addresses, IP's and tokens are not real)

At my server I have the following configuration (NGINX):

server {
      listen 80 default_server;
    
      root /var/www/domain;
      index index.html index.htm;      
    
      location /api {
            proxy_redirect          http://localhost:3001/  /api;
            proxy_pass_header       Server;
            proxy_set_header        X-Real-IP $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header        X-Scheme $scheme;
            proxy_set_header        Host $http_host;
            proxy_set_header        X-NginX-Proxy true;
            proxy_connect_timeout   5;
            proxy_read_timeout      240;
            proxy_intercept_errors  on;
    
            proxy_pass              http://localhost:3001;
        }
    
        location /graphql {
            proxy_redirect          http://localhost:3001/  /graphql;
            proxy_pass_header       Server;
            proxy_set_header        X-Real-IP $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header        X-Scheme $scheme;
            proxy_set_header        Host $http_host;
            proxy_set_header        X-NginX-Proxy true;
            proxy_connect_timeout   5;
            proxy_read_timeout      240;
            proxy_intercept_errors  on;
    
            proxy_pass              http://localhost:3001;
       }
    
      # Root route
      location = / {
        try_files $uri /app/index.html;
      }
    
      # Any other route default to landing
      location / {
        try_files $uri $uri/ /app/index.html;
      }
    }

I need to make my site working for both [domain].com and www.[domain].com, as well as showing the correct name www.[domain].com/page in the browser does not matter how it was accessed.

Help appreciated.

Mendes
  • 121
  • 7
  • Please give the actual domain so we can take a look. – ceejayoz Feb 11 '22 at 14:36
  • In many cases mentioning the actual domain name is essential for the community to be able to help diagnose DNS issues. This may be one too. Please refer to [this Q&A](http://meta.serverfault.com/q/963/37681) for our recommendations with regards to when, how and what (not) to obfuscate in your questions. - If you recently made changes in DNS records, note that old records, as well as errors, can be cached by your local resolvers. You may simply need to wait for them to expire. - Also see my web server testing approach here: https://serverfault.com/q/1092950/546643 – Bob Feb 11 '22 at 15:02
  • 1
    Sorry. Domain is quadfloor.com – Mendes Feb 11 '22 at 15:06

1 Answers1

1

For me both your bare domain as well as the www domain resolve to the same and apparently correct IP-address: 3.221.4.90

That IP-address is different from what you show in your screenshot.

Both web sites redirect from plain HTTP to HTTPS.

But a HTTPS connection to www results in an error message:

curl -vv https://www.quadfloor.com/

* About to connect() to www.quadfloor.com port 443 (#0)
*   Trying 3.221.4.90...
* Connected to www.quadfloor.com (3.221.4.90) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* Server certificate:
*   subject: CN=quadfloor.com                                 
*   start date: Feb 01 16:54:41 2022 GMT
*   expire date: May 02 16:54:40 2022 GMT
*   common name: quadfloor.com
*   issuer: CN=R3,O=Let's Encrypt,C=US
* NSS error -12276 (SSL_ERROR_BAD_CERT_DOMAIN)
* Unable to communicate securely with peer: requested domain name does not match the server's certificate.
* Closing connection 0
curl: (51) Unable to communicate securely with peer: requested domain name does not match the server's certificate.

Your TLS certificate appears to be only valid for quadfloor.com and not for www.quadfloor.com.

Suggestion: use the certbot --expand option to add www.quadfloor.com to your current certificate.

Additionally, you may need to take a look at your WordPress settings, when I use the curl -k option to ignore certificate errors, I also see a bunch of href="http://3.221.4.90/wp-content/plugins/elementor/... which contains your IP-address rather than website domain name and also mixing https with http content is a bad idea. And I also see links to href="https://3.221.4.90/ and you probably don't have a TLS certificate for a bare IP-address either.

Bob
  • 5,335
  • 5
  • 24
  • Thanks Bob for your help and feedback! What can be causing WordPress to return IP instead of the domain name? – Mendes Feb 18 '22 at 13:32