Jasmine Lognnes Jasmine Lognnes - 6 months ago 9
Linux Question

Redirect all but one sub domain to https?

This post is very close to what I am looking for. But what I am looking for is

letsencrypt.example.com should always be http
*.example.com should always be https


Using the solution from this post I can rewrite all http to https by

server {
listen 80;
server_name test.example.com;
rewrite ^ https://$http_host$request_uri? permanent;
}


and then onwards do

server {
listen 443 ssl;
...


Question

But how can I make sure that
letsencrypt.example.com
remains at http port 80?

Answer

You should use an explicit server for letsencrypt.example.com and then use a catch-all server for the redirection.

Your port 80 server blocks would look Like this:

server {
    listen 80;
    server_name letsencrypt.example.com;
    ...
}
server {
    listen 80 default_server;
    return 301 https://$http_host$request_uri;
}

See this documentation for details.