HowTo: Nginx Redirect All HTTP Request To HTTPS Rewrite Rules

by on December 1, 2012 · 3 comments· LAST UPDATED December 1, 2012

in , ,

I have setup nginx as a secure reverse proxy server. How do I redirect all http://example.com/ requests (traffic) to https://example.com/ under nginx web server?

Tutorial details
DifficultyIntermediate (rss)
Root privilegesYes
RequirementsNginx
Unix/Linux
Estimated completion timeN/A

The syntax is as follows. You need to add the following in location or server directives:


if ($host ~* ^(example\.com|www\.example\.com)$ ){
  rewrite ^/(.*)$ https://example.com/$1 permanent;
}

OR better use the following rewrite:

rewrite ^ https://$server_name$request_uri? permanent;

Edit nginx.conf, enter:
# vi nginx.conf
You need to define both http and https server as follows:

 
## our http server at port 80
server {
      listen      1.2.3.4:80 default;
      server_name example.com www.example.com;
      ## redirect http to https ##
      rewrite        ^ https://$server_name$request_uri? permanent;
}
 
## Our https server at port 443. You need to provide ssl config here###
server {
      access_log  logs/example.com/ssl_access.log main;
      error_log   logs/example.com/ssl_error.log;
      index       index.html;
      root        /usr/local/nginx/html;
      ## start ssl config ##
      listen      1.2.3.4:443 ssl;
      server_name example.com www.example.com;
 
     ## redirect www to nowww
      if ($host = 'www.example.com' ) {
         rewrite  ^/(.*)$  https://example.com/$1  permanent;
      }
 
    ### ssl config - customize as per your setup ###
     ssl_certificate      ssl/example.com/example.com_combined.crt;
     ssl_certificate_key  ssl/example.com/example.com.key_without_password;
     ssl_protocols        SSLv3 TLSv1 TLSv1.1 TLSv1.2;
     ssl_ciphers RC4:HIGH:!aNULL:!MD5;
     ssl_prefer_server_ciphers on;
     keepalive_timeout    70;
     ssl_session_cache    shared:SSL:10m;
     ssl_session_timeout  10m;
 
    ## PROXY backend
      location / {
        add_header           Front-End-Https    on;
        add_header  Cache-Control "public, must-revalidate";
        add_header Strict-Transport-Security "max-age=2592000; includeSubdomains";
        proxy_pass  http://exampleproxy;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
        proxy_set_header        Host            $host;
        proxy_set_header        X-Real-IP       $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      }
}
 

Save and close the file. Reload or restart the nginx:
# nginx -s reload
Test it:
$ curl -I http://example.com
$ curl -I http://example.com/foo/bar/file.html

Sample outputs:

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 01 Dec 2012 23:49:52 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://example.com/
TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 3 comments… read them below or add one }

1 Jared December 2, 2012 at 1:14 am

An even better way to redirect would be with this:

return 301 http://exampledomain.com$request_uri;

Reply

2 David Gómez (@emsLinux) December 2, 2012 at 8:00 pm

Excelent tip!

Please write more stuff about NGINX, I love it.

Reply

3 Sukoon February 12, 2013 at 3:53 pm

This is the best redirect tutorial for nginx on the web. Great work!!

Reply

Leave a Comment

Tagged as: , , , , , , , , ,

Previous Faq:

Next Faq: