(Nginx) Non-HTTP/Non-WWW to HTTPS/WWW Leads to PHP (Without Extension) File Being Downloaded

Question 1

I have found the solution to my own question! Hopefully this can be of use to some people out there. Basically, the modifications in the NGINX configuration file forward http://domain.com to http://www.domain.com and then forward http://www.domain.com to https://www.domain.com, all without using .php extensions.

That is, I can access a PHP file called "phpinfo," at https://www.domain.com/phpinfo.php by just visiting domain.com/phpinfo (or the full URL, https://www.domain.com/phpinfo <-- without the php extension). This may seem rather trivial to some users, but it is useful to a beginner like myself.

I had to make a small addition to the code from my question, whose updated form can be found below. Underneath server { ... } for HTTPS, I had to duplicate the location / { ... }, location ~ .php$ { ... }, and location @extensionless-php { ... } from the normal HTTP server { ... }.

As follows is the updated code for easy viewing! I hope this has proven useful.

##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

server {
    listen 80;
    server_name domain.com;
    rewrite ^(.*) https://www.domain.com$1 permanent;
}

server {
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;

    server_name www.domain.com;
    rewrite ^(.*) https://www.domain.com$1 permanent;

    root /usr/share/nginx/html;
    index index.php index.html index.htm;

    location / {
            try_files $uri $uri/ @extensionless-php;

            # Uncomment to enable naxsi on this location
            # include /etc/nginx/naxsi.rules
    }

    # Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
    #location /RequestDenied {
    #       proxy_pass http://127.0.0.1:8080;

    error_page 404 /404.html;

    # redirect server error pages to the static page /50x.html
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
            root /usr/share/nginx/html;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    location ~ \.php$ {
            try_files $uri =404;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_index index.php;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }

    location @extensionless-php {
            rewrite ^(.*)$ $1.php last;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #       deny all;
    #}
}


# another virtual host using mix of IP-, name-, and port-based configuration
#server {
#       listen 8000;
#       listen somename:8080;
#       server_name somename alias another.alias;
#       root html;
#       index index.html index.htm;
#
#       location / {
#               try_files $uri $uri/ =404;
#       }
#}


# HTTPS server

server {
    listen 443;
    server_name www.domain.com;

    root html;
    index index.html index.htm index.php;

    ssl on;
    ssl_certificate /etc/nginx/ssl/server.crt;
    ssl_certificate_key /etc/nginx/ssl/server.key;

    ssl_session_timeout 5m;

    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
    ssl_prefer_server_ciphers on;

    location / {
            # NOTE: THIS REQUIRED AN EDIT.
            try_files $uri $uri/ @extensionless-php;
    }

    # NOTE: THE FOLLOWING CODE IS A MERE DUPLICATE FROM THE HTTP SERVER ABOVE!

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    location ~ \.php$ {
            try_files $uri =404;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_index index.php;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }

    location @extensionless-php {
            rewrite ^(.*)$ $1.php last;
    }

}

Question 2

ok well here's a little simplification to your config, ultimately you want to go to the https+www domain, the double redirection is a waste. so redirect to that directly

server {
  # handles both www and non www to http
  listen 80;
  server_name www.example.com example.com;
  return 301 https://www.example.com$request_uri$is_args$query_string;
}
server {
  # handles non www to https
  listen 443 ssl;
  # add ssl settings to avoid certificate error
  server_name example.com;
  return 301 https://www.example.com$request_uri$is_args$query_string;
}
server {
  listen 443 ssl;
  server_name www.example.com;
  # ssl settings
  location / {
    try_files $uri $uri/ @extensionless;
  }
  location @extensionless {
    rewrite ^ $1.php last;
  }
  location ~ \.php$ {
        try_files $uri =404;
        include fastcgi_params;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
  }
}

I believe this small php block is sufficient, if it doesn't work you can add back the remaining rules from your current config.