Join Log in
Score:1
BenJ avatar Server

Nginx won't serve for anything but www.myserver.org

gr flag
BenJ

According to the nginx documentation, the server block below should work for both https://joycegroup.org and https://www.joycegroup.org

server {

listen 443 ssl;

ssl_certificate /etc/ssl/certs/joycegroup_org_chain.crt;

ssl_certificate_key /etc/ssl/private/joycegroup_org.key;

root /var/www/joycegroup_org/;

server_name joycegroup.org www.joycegroup.org;

location / {
index index.html index.htm index.html index.php;
}

}

It works for https://www.joycegroup.org, not https://joycegroup.org. What am I doing wrong?

Eventually I will also want to redirect http to https as well, but I'm trying to figure out this problem first.

I'm so sorry for the basic nature of this question. I've been hitting my head against a wall for hours.

66
2 + 2
FastEthernet avatar
cn flag
FastEthernet
Do you have a DNS record for joycegroup.org (without www) pointing to the server?
0
Reply
jabbson avatar
sb flag
jabbson
When you are saying it doesn't work, what do you mean? What happens when you try accessing it?
1
Reply
Score:3
A. Darwin avatar Server
my flag
A. Darwin

www.joycegroup.org by itself does not mean joycegroup.org (without www) is a valid DNS record.

Note that you can’t setup a CNAME record for the root of a domain (Why can't a CNAME record be used at the apex (aka root) of a domain?), so you need an A record.

You can show it is a DNS resolution issue in various ways, such as curl https://joycegroup.org. If it shows curl: (6) Could not resolve host: joycegroup.com; Name or service not known, its' a DNS issue.

You can further confirm it's a DNS issue related to the difference between the two records by running nslookup or host or dig in both cases and comparing the output.

Some examples:

  • host (Linux):
$ host <record with www>

<record with www> has address 192.168.1.10


$ host <record without www>

<no output is shown>
  • nslookup (Linux):
$ nslookup <record without www>
Server:         <dns server ip>
Address:        <dns server ip>#53

*** Can't find <record without www>: No answer


$ nslookup <record with www>

Server:         <dns server ip>
Address:        <dns server ip>#53

Name:   <record with www>
Address: 192.168.1.10
  • nslookup (Windows):
C:\Users\myuser> nslookup <record without www>

Server:  <dns server>
Address:  <dns server ip>

Name:    <record without www>

Note that no IP address is shown. It returns something because every zone has its own record, although it is not an A record (associated to an IP address) but a SOA record.

On the other hand, if you query an A record that actually exists, you get the classic reply:

C:\Users\myuser>nslookup <record with www>

Server:  <dns server>
Address:  <dns server ip>

Name:    <record with www>
Address:  192.168.1.10
+ 3
Lex Li avatar
vn flag
Lex Li
While this is already a great answer, you might attach some evidence, such as `curl: (6) Could not resolve host: joycegroup.org` for the command `curl https://joycegroup.org`. Then every reader knows clearly how you analyzed.
0
Reply
A. Darwin avatar
my flag
A. Darwin
@LexLi you're right. I added some troubleshooting steps.
0
Reply
BenJ avatar
gr flag
BenJ
Thank you so much. I misunderstood the use of the wildcard A record. I thought it would also catch the root domain. Thanks again, your answer is excellent.
0
Reply
Score:0
C-nan avatar Server
sa flag
C-nan

As answered by A. Darwin, you do not have a DNS record set for joycegroup.org:

c-nan@mba-c-nan ~ % dig www.joycegroup.org A +short  
50.116.60.151
c-nan@mba-c-nan ~ % dig joycegroup.org A +short    
c-nan@mba-c-nan ~ %

You should add the following DNS A Record

joycegroup.org  IN  A   50.116.60.151

at your DNS provider:

c-nan@mba-c-nan ~ % dig joycegroup.org NS +short
dns1.registrar-servers.com.
dns2.registrar-servers.com.
c-nan@mba-c-nan ~ %

If you want to redirect ALL http traffic to https you can configure the following:

server {
    listen 80 default_server;
    server_name _;
    return 301 https://$host$request_uri;
}

To be specific for a domain you could use:

server {
    listen 80;
    server_name www.joycegroup.com joycegroup.com;
    return 301 https://joycegroup.com$request_uri;
}
+ 1
BenJ avatar
gr flag
BenJ
Thank you very much. I really appreciate the help.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.