I have no problem when accessing the domain without www.

This is my config file:

server {

listen 443 ssl;
server_name .terralmarket.es;
proxy_set_header Host $http_host;
ssl_certificate /etc/letsencrypt/live/terralmarket.es/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/terralmarket.es/privkey.pem;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
add_header Strict-Transport-Security max-age=15768000;

location /static {
    autoindex on;
    alias /home/terralmarket/static;

location /media {
    autoindex on;
    alias /home/terralmarket/media;

location / {
        proxy_pass http://localhost:8003/;


server {
    listen 80;
    server_name .terralmarket.es;
    return 301 https://$server_name$request_uri;

Any clue what am I doing wrong ? I have also tried with server_name separated by domain.

  • I don't see any problems with your site. What exactly is the problem you are having? – Michael Hampton Feb 09 '17 at 21:11
  • The www subdomain isn't working (400 error), I suspect because you haven't told Nginx what to do. The dot might mean "all domains", and in this case the problem would be what's behind the proxy_pass. I'd remove the . after "server_name", create a location block for the "www" subdomain, and forward it to the root domain (or vice versa). You don't want to serve the same content on the www subdomain as it affects SEO, and there's no benefit to it. – Tim Feb 09 '17 at 21:48
  • Don't know if it is as @Tim told, but I've resolved by creating a new server block with: `server { listen 443 ssl; server_name www.terralmarket.es; return 301 https://terralmarket.es$request_uri; }` I think it is a really ugly patch. Is it the best way to resolve it ? – danieltellez Feb 10 '17 at 12:54
  • That's not ugly, that's exactly how it's meant to work under Nginx. Good that you solved it yourself :) – Tim Feb 10 '17 at 18:50
  • Please post that comment as an answer and mark it as resolved. – 030 Feb 22 '17 at 08:48
  • @danieltellez Sorry I thought that your comment of 10th feb was the answer – 030 Feb 22 '17 at 09:46

1 Answers1


As you've discovered you need different location blocks for Nginx for forwarding to your root domain. You've identified one, here's the other. Between them they forward everything to the http://example.com domain, but you can tweak them any way you like

# Main server
server {
  listen 443 ssl http2;
  server_name example.com;
  # etc, locations, etc

# Forward non-www requests to www
server {
  listen       80;
  server_name  example.com www.example.com;
  access_log  /var/log/nginx/access.log main buffer=128k flush=1m if=$log_ua;
  return       301 https://www.example.com$request_uri;

# Forward https://www.example.com to https://example.com
server {
  listen 443 ssl http2;
  server_name www.example.com;

  ssl_certificate /var/lib/acme/certs/***CERT_DIRECTORY/fullchain;
  ssl_certificate_key /var/lib/acme/certs/***CERT_DIRECTORY/privkey;

  # Set up preferred protocols and ciphers. TLS1.2 is required for HTTP/2
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_prefer_server_ciphers on;

  access_log  /var/log/nginx/access.log main buffer=128k flush=1m if=$log_ua;

  return 301 https://www.example.com$request_uri;
