3

I'm not sure if the subject is resuming correctly my question but I'll try to explain it.

I have the configuration below in my server, this server has 2 vhosts: example.com and meudomain.com

The first vhost needs to listen on 8080 (https) and as you can see I'm using a redirect from http > https 8080. The second one is listening on 80.

My problem is that if a user type https in the address bar instead of http it calls the second vhost.

How can redirect the https://example.com to https://example.com:8080 instead of http://meudomain.com when a user type https in the address bar?

server {
    listen 80;
    server_name example.com;
    location '/.well-known/acme-challenge/' {
        autoindex on;
        root /var/www/certbot;
    }

    location / {
        if ($scheme = http) {
            return 301 https://example.com:8080;
        }
   }
}

server {
    listen 8080 default ssl;
    server_name example.com;
    ssl_certificate /etc/letsencrypt/live/example.com;/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot

    # logs
    error_log /var/log/nginx/example.com_error.log error;
    access_log /var/log/nginx/example.com_access.log;

    location / {
        index  index.html index.htm;
        autoindex on;
        proxy_pass http://internalserver:8080;
        auth_basic      "Restricted area";
        auth_basic_user_file /srv/example.com/.htpasswd;
        client_body_temp_path /tmp 1 2;
        client_body_buffer_size 256k;
        client_body_in_file_only off;
    }
}
c4rl
  • 33
  • 1
  • 1
  • 3

2 Answers2

3

Just add this server block to redirect all https://example.com to https://example.com:8080

server {
        listen 443 ssl;
        ssl_certificate /etc/letsencrypt/live/example.com;/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
        return 301 https://example.com:8080$request_uri;
}
Daniel Gordi
  • 264
  • 1
  • 6
1

Remember that when the user simply types https://example.com into the address bar, the default SSL port is assumed by the browser (port 443). You're not actually handling that port in your config, you'll have to redirect from a server listening on that port. How you can do that here: How to run nginx SSL on non-standard port