Redirect www to not-www

Francis Daly francis at
Tue Jan 10 18:43:43 UTC 2023

On Tue, Jan 10, 2023 at 12:03:06PM -0500, Paul wrote:

Hi there,

> Using nginx (1.18.0 on Ubuntu 20.04.5) as proxy to back-end, I have three
> sites (a|b| in a fast, reliable production environment. I have
> DNS records set up for www.a|b|  I have CertBot set up for
> only a|b|
> To avoid "doubling" the number of sites-available and security scripts, and
> to avoid the unnecessary "www." I would like to add something like:
> server {
>   server_name;
>   return 301 $scheme://$request_uri;
> }

> Maybe I'm missing something fundamental?

Yes, you are missing something fundamental :-(

There are 4 families of requests that the client can make:


It looks like you want each of the first three to be redirected to
the fourth?

It is straightforward to redirect the first two to the fourth --
something like

	server {
		return 301$request_uri;

should cover both.

(Optionally with "listen 80;", it replaces your similar no-ssl server{}

But for the third family, the client will first try to validate the
certificate that it is given when it connects to,
before it will make the http(s) request that you can reply to with
a redirect. And since you do not (appear to) have a certificate for, that validation will fail and there is nothing you
can do about it. (Other that get a certificate.)


Francis Daly        francis at

More information about the nginx mailing list