Acessing my site using www is not working using AWS Route 53 and NGINX

Question

My site is up and running and can be found on the Internet by typing [domain].com address in the browser.

When I try to access it using www.[domain].com, it return an error (not found).

I'm using Route 53 as a DNS Server with the following configuration:

(Addresses, IP's and tokens are not real)

At my server I have the following configuration (NGINX):

server {
      listen 80 default_server;
  root /var/www/domain;
  index index.html index.htm;      

  location /api {
        proxy_redirect          http://localhost:3001/  /api;
        proxy_pass_header       Server;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Scheme $scheme;
        proxy_set_header        Host $http_host;
        proxy_set_header        X-NginX-Proxy true;
        proxy_connect_timeout   5;
        proxy_read_timeout      240;
        proxy_intercept_errors  on;

        proxy_pass              http://localhost:3001;
    }

    location /graphql {
        proxy_redirect          http://localhost:3001/  /graphql;
        proxy_pass_header       Server;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Scheme $scheme;
        proxy_set_header        Host $http_host;
        proxy_set_header        X-NginX-Proxy true;
        proxy_connect_timeout   5;
        proxy_read_timeout      240;
        proxy_intercept_errors  on;

        proxy_pass              http://localhost:3001;
   }

  # Root route
  location = / {
    try_files $uri /app/index.html;
  }

  # Any other route default to landing
  location / {
    try_files $uri $uri/ /app/index.html;
  }
}

I need to make my site working for both [domain].com and www.[domain].com, as well as showing the correct name www.[domain].com/page in the browser does not matter how it was accessed.

Help appreciated.

Answer 1

For me both your bare domain as well as the www domain resolve to the same and apparently correct IP-address: 3.221.4.90

That IP-address is different from what you show in your screenshot.

Both web sites redirect from plain HTTP to HTTPS.

But a HTTPS connection to www results in an error message:

curl -vv https://www.quadfloor.com/

About to connect() to www.quadfloor.com port 443 (#0)
Trying 3.221.4.90...
Connected to www.quadfloor.com (3.221.4.90) port 443 (#0)
Initializing NSS with certpath: sql:/etc/pki/nssdb
CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
Server certificate:
subject: CN=quadfloor.com
start date: Feb 01 16:54:41 2022 GMT
expire date: May 02 16:54:40 2022 GMT
common name: quadfloor.com
issuer: CN=R3,O=Let's Encrypt,C=US
NSS error -12276 (SSL_ERROR_BAD_CERT_DOMAIN)
Unable to communicate securely with peer: requested domain name does not match the server's certificate.
Closing connection 0

curl: (51) Unable to communicate securely with peer: requested domain name does not match the server's certificate.

Your TLS certificate appears to be only valid for quadfloor.com and not for www.quadfloor.com.

Suggestion: use the certbot --expand option to add www.quadfloor.com to your current certificate.

Additionally, you may need to take a look at your WordPress settings, when I use the curl -k option to ignore certificate errors, I also see a bunch of href="http://3.221.4.90/wp-content/plugins/elementor/... which contains your IP-address rather than website domain name and also mixing https with http content is a bad idea. And I also see links to href="https://3.221.4.90/ and you probably don't have a TLS certificate for a bare IP-address either.