How To: Nginx Redirect All HTTP Request To HTTPS Rewrite 301 Rules

last updated in Categories , ,

I have setup nginx as a secure reverse proxy server. How do I redirect all requests (traffic) to under nginx web server?

You can easily rewrite/redirect all http requests to https with Nginx web server. The syntax is as follows. You need to add the following in location or server directives:


if ($host ~* ^(example\.com|www\.example\.com)$ ){
  rewrite  ^/(.*)$$1  permanent;

OR better use the following rewrite:

rewrite  ^ https://$server_name$request_uri? permanent;

Or use new syntax (recommended):

return         301 https://$server_name$request_uri;

Redirect all HTTP requests to HTTPS with Nginx server

Edit your nginx.conf file, enter:
# vi nginx.conf
You need to define both http and https server as follows:

## our http server at port 80
server {
      listen      80 default;
      access_log off;
      error_log off;
      ## redirect http to https ##
      return      301 https://$server_name$request_uri;
## Our https server at port 443. You need to provide ssl config here###
server {
      access_log  logs/ main;
      error_log   logs/;
      index       index.html;
      root        /usr/local/nginx/html;
      ## start ssl config ##
      listen      443 http2 ssl;
     ## redirect www to nowww
      if ($host = '' ) {
         rewrite  ^/(.*)$$1  permanent;
    ### ssl config - customize as per your setup ###
     ssl_certificate      ssl/;
     ssl_certificate_key  ssl/;
     ssl_protocols        TLSv1 TLSv1.1 TLSv1.2;
     keepalive_timeout    70;
     ssl_session_cache    shared:SSL:10m;
     ssl_session_timeout  10m;
    ### Rest of my config. It is optional. Do it only if you have Apache on backend ## 
    ## PROXY backend 
      location / {
        add_header           Front-End-Https    on;
        add_header  Cache-Control "public, must-revalidate";
        add_header Strict-Transport-Security "max-age=2592000; includeSubdomains";
        proxy_pass  http://cybercitiproxy;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
        proxy_set_header        Host            $host;
        proxy_set_header        X-Real-IP       $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;

Save and close the file. Reload or restart the nginx server:
# nginx -s reload
Test it:
$ curl -I
$ curl -I

Sample outputs:

Fig.01 Rewrite 301 HTTP to HTTPS in Nginx server
Fig.01 Rewrite 301 HTTP to HTTPS in Nginx server

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

9 comment

  1. need to change $server_name to $host as $server_name will default to the first and not the particular name the user typed in.

    may seem trivial but when getting into public vs internal dns entries and routing of traffic you may need to user the hostname that got you here.

  2. To redirect on the same port:
    Lets assume your IP address is and your app is running on port 3000 and you want nginx to listen on port 7000.

        server {
            listen 7000 ssl;
            ssl_certificate /path/to/ssl_certificate.cer;
            ssl_certificate_key /path/to/ssl_certificate_key.key;
            ssl_client_certificate /path/to/ssl_client_certificate.cer;
            # this line is important, for u to handle http and https on same port
            # see:
            error_page 497 301 =307$request_uri;
            # in order to preserve the http VERB that the request came with,
            # we use error response redirection
            # see:
            location / {
                proxy_pass_header Server;
                proxy_set_header Host $http_host;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-Protocol $scheme;
  3. hii Thanks a lot for ur post..
    but am trieng to redirect https subadomain to another https subdomain
    but the post requests getting converted into get..
    how can redirect 301 for https to https using post to post
    any help would be greatly appreciated..

    Have a question? Post it on our forum!