<div dir="ltr"><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">You have a duplicate listen directive with same IP address and same port in both server blocks.<br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">I doubt that is a valid configuration. Have you checked nginx -t and error logs on reload/start?<br><br></div><div class="gmail_default" style="font-size:small;color:rgb(51,51,153)">I suggest you have a server block listening for HTTP on port 80 and another block reponsible for HTTPS traffic listening on 443, and then redirecting the HTTP block to the HTTPS one.<br></div><div class="gmail_extra"><div><div class="gmail_signature"><font size="1"><span style="color:rgb(102,102,102)">---<br></span><b><span style="color:rgb(102,102,102)">B. R.</span></b><span style="color:rgb(102,102,102)"></span></font></div></div>
<br><div class="gmail_quote">On Fri, Mar 20, 2015 at 7:01 PM, David Benfell <span dir="ltr"><<a href="mailto:benfell@mail.parts-unknown.org" target="_blank">benfell@mail.parts-unknown.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi all,<br>
<br>
I am attempting to strip www. and force SSL. Here are the blocks I'm<br>
using:<br>
<br>
        server {<br>
                listen <a href="http://50.250.218.168:80" target="_blank">50.250.218.168:80</a>;<br>
                listen <a href="http://50.250.218.168:443" target="_blank">50.250.218.168:443</a> ssl;<br>
                listen [2001:470:67:2b5::10]:80;<br>
                listen [2001:470:67:2b5::10]:443 ssl;<br>
<br>
                server_name <a href="http://www.disunitedstates.org" target="_blank">www.disunitedstates.org</a>;<br>
                include ssl_common;<br>
<br>
                access_log<br>
/var/log/nginx/<a href="http://disunitedstates.org/access.log" target="_blank">disunitedstates.org/access.log</a>;<br>
                error_log<br>
/var/log/nginx/<a href="http://disunitedstates.org/error.log" target="_blank">disunitedstates.org/error.log</a>;<br>
<br>
                return 301 <a href="https://disunitedstates.org" target="_blank">https://disunitedstates.org</a>$request_uri;<br>
        }<br>
<br>
        server {<br>
                listen <a href="http://50.250.218.168:80" target="_blank">50.250.218.168:80</a>;<br>
                listen [2001:470:67:2b5::10]:80;<br>
<br>
                server_name <a href="http://disunitedstates.org" target="_blank">disunitedstates.org</a>;<br>
<br>
                access_log<br>
/var/log/nginx/<a href="http://disunitedstates.org/access.log" target="_blank">disunitedstates.org/access.log</a>;<br>
                error_log<br>
/var/log/nginx/<a href="http://disunitedstates.org/error.log" target="_blank">disunitedstates.org/error.log</a>;<br>
<br>
                return 301 <a href="https://disunitedstates.org" target="_blank">https://disunitedstates.org</a>$request_uri;<br>
        }<br>
<br>
I have a separate server block for actually serving the site.<br>
<br>
But when one tries to access <a href="http://disunitedstates.org" target="_blank">http://disunitedstates.org</a>, one gets a<br>
400 error, "The plain HTTP request was sent to HTTPS port." The<br>
information I'm finding out on the web about this is confusing and<br>
contradictory.<br>
<br>
How should this be done?<br>
<br>
Thanks!<br>
<span class="HOEnZb"><font color="#888888">--<br>
David Benfell <<a href="mailto:benfell@parts-unknown.org">benfell@parts-unknown.org</a>><br>
See <a href="https://parts-unknown.org/node/2" target="_blank">https://parts-unknown.org/node/2</a> if you don't understand the<br>
attachment.<br>
</font></span><br>_______________________________________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx</a><br></blockquote></div><br></div></div>