1 Topic by jobu

  • jobu
  • Member
  • Offline
  • Registered: 2011-08-01
  • Posts: 122

Topic: Redirect servers IP to hostname.domain.tld in nginx

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.4.2
- Deployed with iRedMail Easy or the downloadable installer? installer
- Linux/BSD distribution name and version: Debian Buster
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Pro
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi there,

typing in my servers IP-address in the browser shows my a security-warning, since the IP is not part of my SSL-certificate. If i accept the warning nginx redirects without problems to roundcube etc ...
I'm trying to redirect the servers IP to the FQDN, but i'm stuck and kind of nginx-newbie. I tried to add this statement at various position in the server{}-block of /etc/nginx/sites-enabled/00-default.conf and 00-default-ssl.conf:

if ($host = 111.222.333.444) {
    return 301 https://mail.example.com$request_uri;
}

It works on another server without problems, but it doesn't here and there is no entry for that in the logs.

Any ideas?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Redirect servers IP to hostname.domain.tld in nginx

- It should work in 00-default.conf since it doesn't involves https at that stage.
- in 00-default-ssl.conf, web browser hits https first, so you must accept the ssl cert.

3 Reply by jobu

  • jobu
  • Member
  • Offline
  • Registered: 2011-08-01
  • Posts: 122

Re: Redirect servers IP to hostname.domain.tld in nginx

Thanks Zhang. Redirect works now for http://ip-address to https://FQDN, in my case the "primary" hostname. My /etc/nginx/sites-enabled/00-default.conf:

#
# Note: This file must be loaded before other virtual host config files,
#
# HTTP
server {
    # Listen on ipv4
    listen 80;
    listen [::]:80;

    if ($host = 111.222.333.444) {
       return 301 https://mail.example.com$request_uri;
    }

    server_name _;

    # Redirect all insecure http:// requests to https://
    return 301 https://$host$request_uri;
}

This is okay for me at this point, even if it wouldn't resolve my other domains running on that server.

Kind of annoyingly - it doesn't work like this for the https-site.
I would love to solve this and see this in the iRedMail-installers configuration, since a security-warning as default can't be best practice.

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Redirect servers IP to hostname.domain.tld in nginx

There's no solution for https. Because browser hits https and verify cert first, this is not controlled by Nginx.