Resolved Combine www- and http-redirects on nginx

[lola]

Hi there,

actually I use PHP7 with FPM@nginx for my website which uses ssl (https). For this, I use the following code in the nginx section:

if ($scheme = http) {
return 301 https://$server_name$request_uri;
}

In the hosting configuration of my abo I set the preferred domain as "www", so I get four redirects (says google pagespeed insights): it's

> http://domain.de to http://www.domain
> http://domain.de to https://domain.de
> http://domain.de to https://www.domain.de
> http://www.domain.de to https://www.domain.de

But this is bad and gives low score on pagespeed insights. So I have to change it. For I'm not so the expert of nginx-Code... can anybody please help me? How should I change the code for the following effect:

> http://domain.de to https://www.domain.de
> http://www.domain.de to https://www.domain.de
> https://domain.de to https://www.domain.de

So, all request should be transfered to an https-output.


greets,
lola

 

[Bitpalast]

Your additional redirects might not be caused by Nginx but by the host preference settings. Have you set Plesk to prefer the www.-domain over the domain (without www)? See the host settings of the subscription in question for that.

 

[lola]

Hi Peter,

Your additional redirects might not be caused by Nginx but by the host preference settings. Have you set Plesk to prefer the www.-domain over the domain (without www)? See the host settings of the subscription in question for that.

like I said - I did it - in the hosting settings. So my idea was to clean the hosting settings (to "no prefered domain") and put this redirect into the nginx command. Exactly this is my problem. How can I combine both - the non-www to www redirect and the non-htttps to https redirect in ONE nginx command? Can you give me a code example for this?

 

[Bitpalast]

I don't have a "ready to go" solution for this, but this is what you need to do if you want to do it in Nginx:

You need to split your command into several parts as described in http://rosslawley.co.uk/archive/old/2010/01/04/nginx-how-to-multiple-if-statements/ . First determine whether the scheme is http or https (set a variable with the result). Then, in a second if-statement, determine whether your $server_name starts with www. or not. Update the variable you have set in step 1. And then, in step 3, you can redirect to the appropriate target url, depending on the content of the variable you have set in steps (1) and (2). You may need more if-blocks for the case distinction of http/https && non-www/www, because in the evaluation (3) you can only check exactly one case, e.g. "if the request is https://www.", in a further evaluation step "if the request is http://www", in a further evaluation step "if the request is https://" and so on.

 

[lola]

Hm... okay. I think I understood the system you mean. So I tried the following:

if ($server_name = mydomain.de) { set $domain www.mydomain.de; }
if ($server_name = www.mydomain.de) { set $domain www.mydomain.de; }
if ($scheme = http) { return 301 https://$domain$request_uri; }

Pro: It works - in the browser.
Contra: It works not for Google (Pagespeed Insights) :-(

I don't know why Google doesn't interpret the rules above. I guess that Google will not index my domain correctly. What do you think?

 

[Bitpalast]

This looks good to me. Have you restarted Nginx after the changes?

Have you tried the pingdom speedtest? It will show redirects in the result. You can use that to identify the number of redirects a request is causing - simply to make sure that it is *really* redirecting several times.

Could your redirects maybe caused by Apache? If you are using Nginx and Apache, a request to an index.php page might not be processed by Nginx but passed directly to Apache, so that another configuration might cause additional redirects.

 

[lola]

Hm... thanks for the pingdom tip. It's...
pingdom shows me already two redirects. It seems, that the first request is "http://mydomain.de" and then - after the redirect rule - the new one "https://www.mydomain.de". I hoped, that the nginx rules would take it in ONE request. But pingdom says, my server made a second request after the original one. So my solution is not soo good, I guess.

This is pingdom:

Remove the following redirect chain if possible:

• http://mydomain.de/
• https://www.mydomain.de/

The question is, how can I make "one" request - inclusive - redirect!?
NGINX can not handle nested if-segments. If I code several if-segments - one after the next - I guess NGINX will work on it in a row, right? Maybe this is the point why I get two requests...

 

[Bitpalast]

It is perfectly correct to have two requests. The first request comes in and Nginx returns the 301 to the browser, then the browser requests the final URL. There is no way to avoid that, it's the normal course of action. As long as you are only seeing one redirect (the one going from the first to the second URL), everything is fine. No harm for Google ranking either. It's a 301, and Google likes https:// connections.

 

[lola]

BUT: Google Pagespeed Insights will not interpret this redirect to https! If I put in the URL "http://mydomain.de" in the Google Pagespeed Insights form field, Google doesn't interpret the needed redirect to "https://mydomain.de". That's the problem.

And: If it's okay, as you said, why I get a red warning on pingdom?

 

[Bitpalast]

You get the warning, because every redirect costs time, and the speed test informs you about everything that costs time. But that redirect roundtrip is very normal and applies to all websites. If you redirect visitors, you will cause extra roundtrips of data packages. It is not possible to avoid that. You are asking to receive an http:// request and want your webserver to respond with https://, but that is technically impossible. What your webserver does: It sends the browser the redirect information where the browser should look for the requested resource. Then the browser sends the second request to the new URL it got from the 301 redirect. That is perfectly o.k. There is nothing you can change about it, and there is no need to change that behavior.

So if you see that one redirect from your non-SSL to your SSL address, that is what you want to have. There is no better way to do it.

When Google knows the SSL version of your domain, it will prefer that version of the non-SSL version in search engines. So your Google Pagespeed Insights test for the http:// version is irrelevant, because Google won't care about the non-SSL version any longer when it has the same page as an SSL version.

 

[lola]

Okay... I think... I'll believe you. Thanks again.

 

[lola]

I'm back again.

I don't know why, but since a few days, my redirection doesn't work anymore. When I open the website in my browser, it shows: "redirect error" and "The called website redirects the request so that it can never be terminated."

I used the following code in the nginx extension area:

listen 80;
listen 443 ssl;
if ($server_name = mydomain.de) { set $domain www.mydomain.de; }
if ($server_name = www.mydomain.de) { set $domain www.mydomain.de; }
return 301 https://$domain$request_uri;

I really do not understand this... it worked, when I wrote my posting above...
I think I should add an option that checks wheter the request is a https-request or not. Maybe, my redirection code is trying to redirect the https-request to a https-request. If so, this would be crazy. Then I could understand the error message...

But the problem is, I can not nest multiple nginx commands... What can I do?

Any ideas, please?

 

[lola]

I found my solution. Hm.. it's so easy:

if ($server_name = mydomain.de) { set $domain https://www.mydomain.de; }
if ($scheme = http) { return 301 $domain$request_uri; }

That it is! So I redirect non-www to www-request AND deliver it as https!
The problem was, that I get everytime a redirect error - and this was for http to https redirect and non-www to www-redirect. I didn't know, that plesk automatically uses non-www and www-requests to fill the server_name variable. In that case, of course, I can not perform two queries.

 

[larryk]

Hello...

from google point of view ---
I'm pretty sure google wants EVERYTHING to be https.
its safer, better for end users.

similar to FB, they want everything to be https.

So to prevent using redirects, start out with everything https.
FYI. you can tell google via WMT, what your domain should be (as in set a preference)

 

[lola]

from google point of view ---
I'm pretty sure google wants EVERYTHING to be https.
its safer, better for end users.

similar to FB, they want everything to be https.

So to prevent using redirects, start out with everything https.
FYI. you can tell google via WMT, what your domain should be (as in set a preference)

Basically, you're right. I WANT to have all requests as https. But what about a user that type in "mydomain.de"? If I do not redirect him to "https://www.mydomain.de" he could not see my website, right? At this point, WMT will not help.

And: I want avoid, that a user links to "http://mydomain.de" (without www), so I have to redirect automatically every non-www request to www-request, right?

However... my solution, I wrote above, works fine. For google too.