HowTo: Nginx Redirect All HTTP Request To HTTPS Rewrite Rules

by on December 1, 2012 · 5 comments· LAST UPDATED December 1, 2012

in , ,

I have setup nginx as a secure reverse proxy server. How do I redirect all http://example.com/ requests (traffic) to https://example.com/ under nginx web server?

Tutorial details
DifficultyIntermediate (rss)
Root privilegesYes
RequirementsNginx
Unix/Linux
Estimated completion timeN/A

The syntax is as follows. You need to add the following in location or server directives:


if ($host ~* ^(example\.com|www\.example\.com)$ ){
  rewrite ^/(.*)$ https://example.com/$1 permanent;
}

OR better use the following rewrite:

rewrite ^ https://$server_name$request_uri? permanent;

Edit nginx.conf, enter:
# vi nginx.conf
You need to define both http and https server as follows:

 
## our http server at port 80
server {
      listen      1.2.3.4:80 default;
      server_name example.com www.example.com;
      ## redirect http to https ##
      rewrite        ^ https://$server_name$request_uri? permanent;
}
 
## Our https server at port 443. You need to provide ssl config here###
server {
      access_log  logs/example.com/ssl_access.log main;
      error_log   logs/example.com/ssl_error.log;
      index       index.html;
      root        /usr/local/nginx/html;
      ## start ssl config ##
      listen      1.2.3.4:443 ssl;
      server_name example.com www.example.com;
 
     ## redirect www to nowww
      if ($host = 'www.example.com' ) {
         rewrite  ^/(.*)$  https://example.com/$1  permanent;
      }
 
    ### ssl config - customize as per your setup ###
     ssl_certificate      ssl/example.com/example.com_combined.crt;
     ssl_certificate_key  ssl/example.com/example.com.key_without_password;
     ssl_protocols        SSLv3 TLSv1 TLSv1.1 TLSv1.2;
     ssl_ciphers RC4:HIGH:!aNULL:!MD5;
     ssl_prefer_server_ciphers on;
     keepalive_timeout    70;
     ssl_session_cache    shared:SSL:10m;
     ssl_session_timeout  10m;
 
    ## PROXY backend
      location / {
        add_header           Front-End-Https    on;
        add_header  Cache-Control "public, must-revalidate";
        add_header Strict-Transport-Security "max-age=2592000; includeSubdomains";
        proxy_pass  http://exampleproxy;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
        proxy_set_header        Host            $host;
        proxy_set_header        X-Real-IP       $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      }
}
 

Save and close the file. Reload or restart the nginx:
# nginx -s reload
Test it:
$ curl -I http://example.com
$ curl -I http://example.com/foo/bar/file.html

Sample outputs:

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 01 Dec 2012 23:49:52 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://example.com/
TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 5 comments… read them below or add one }

1 Jared December 2, 2012 at 1:14 am

An even better way to redirect would be with this:

return 301 http://exampledomain.com$request_uri;

Reply

2 David Gómez (@emsLinux) December 2, 2012 at 8:00 pm

Excelent tip!

Please write more stuff about NGINX, I love it.

Reply

3 Sukoon February 12, 2013 at 3:53 pm

This is the best redirect tutorial for nginx on the web. Great work!!

Reply

4 karnd01 August 19, 2014 at 7:16 pm

need to change $server_name to $host as $server_name will default to the first and not the particular name the user typed in.

may seem trivial but when getting into public vs internal dns entries and routing of traffic you may need to user the hostname that got you here.

Reply

5 Jon September 30, 2014 at 11:02 pm

Doesn’t work on Ubuntu 14.04.

Reply

Leave a Comment

Tagged as: , , , , , , , , ,

Previous Faq:

Next Faq: