After we successfully installed Let’s Encrypt SSL for Nginx, you will need to configure it to redirect from HTTP to HTTPS. Here’s how.
One of the common tasks for running the Nginx Web Server is transferring the data stream from the HTTP protocol over the HTTPS (more secure version) of the website.
Unlike HTTP, all requests and responses are sent in unencrypted plain text. HTTPS uses TLS/SSL to encrypt the transmission between the client and the server.
This article will help you know how to configure HTTP to HTTPS redirect using Nginx.
To configure redirects, you must modify the Nginx configuration file, which is usually located in /etc/nginx/nginx.conf or /etc/nginx/sites-available, /usr/local/nginx/conf and /usr/local/ etc/nginx.
Once you have finished editing the configuration file, you must save your edits and exit. Then you reload the Nginx service by command below:
systemctl reload nginx
Redirect a website
You have multiple websites and only want some to redirect to HTTPS. Open the Nginx configuration file and insert the following code:
server {
listen 80 default_server;
server_name domain.com www.domain.com;
return 301 https://$host$request_uri;
}
Meaning of each line:
- listen 80 – block server will receive incoming data at Port 80
- server_name domain.com www.domain.com – the domain name of the server (you change this information to match your domain name)
- return 301 https://$host$request_uri – redirect traffic to the HTTPS version of the site
Redirect all websites on the server
If all the websites hosted on the server use HTTPS and you don’t want to create separate server blocks for each site, you can create a master server block to redirect all HTTP requests to HTTPS.
Create the main server block in the Nginx configuration file:
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
Parameter server_name _; will take any website’s hostname.
Only receive SSL Certificates connections
Add the following code to make the server accept only SSL connections on Port 443:
server {
listen 443 ssl default_server;
server_name my_website.com;
}
Note:
- You can add a new server block for another website.
Redirect Domain
This happens when you want to change the domain name extension (like .net or .org, info) to all .com domains or you want to redirect from the old domain to the new domain.
server {
listen 80;
listen 443 ssl;
server_name www.old_domain.com;
return 301 $scheme://www.new_domain.com$request_uri;
}
Redirect from www to non-www
When you want the website link to not appear www, enter the following code:
server {
server_name www.domain.com;
return 301 $scheme://domain.com$request_uri;
}
It works as well as a website redirects.
When the configuration is complete, all traffic from HTTP will automatically switch to HTTPS. Checking the site will return an HTTP status code “301 redirect”. You use the curl tool to check, type the command:
curl -I http://domain.com/
If you see “HTTP/1.1 301 Moved Permanently” and “Location: https://domain.com” then you are successful.
Good luck to you!