Roots Discourse

HSTS Preload Submission - Error: HTTP redirects to www first

I get an error when I try to submit my site to as the site redirects directly from to instead of to and then finally to

Does anybody know how to change the setup so this issue is resolved?

Are you using Trellis? I guess you are already using Bedrock and Sage.

Yes I’m on Trellis, Bedrock and Sage. Latest versions except Sage which is version 9. From the wordpress-site.conf.j2 file It looks like this is indeed redirecting from directly to when I have set up my wordpress_sites.yml like this:

However, I am not sure how to change this configuration in order to make this redirect to https before redirecting to www. Also, this is probably a general issue when having hsts preload enabled and using a subdomain like www as the canonical domain.

Using your configuration above Trellis/ansible generates nginx configuration.
You can check the resulting nginx configuration on the actual server after the playbook has been applied.
There are nginx blocks for redirecting from non-www to www and also one for redirecting from non-https to https. You have to ensure that the block for redirecting from non-https to https takes precedence over the other blocks for that site. For making this permanent you will have to adjust your Trellis project and change the nginx template.

This seems to improve security - on the other hand it also seems to add a performance penalty as now two redirects are required in the worst case: One from non-https to https, then one from non-ww to www (for example).