Introduction

Nginx (pronounced “Engine-X”) is a Linux-based web server and proxy application. Nginx is a powerful tool for redirecting and managing web traffic. It can be easily configured to redirect unencrypted HTTP web traffic to an encrypted HTTPS server.

This guide will show you how to redirect HTTP to HTTPS using Nginx.

tutorial on forcing redirects from http to https in nginx

Prerequisites

  • A Linux server running Nginx
  • A user account with sudo privileges
  • Remote login to a web server (optional, required only if you are not working directly on your web server)
  • Access to a terminal/command line (Ctrl-Alt-T or Ctrl-Alt-F2)

HTTP to HTTPS Redirect

To enforce an HTTP to HTTPS redirect, you need to edit the Nginx configuration file.

In most cases, you can locate the file in the /etc/nginx/sites-available directory. If not found, search for it here: /etc/nginx/nginx.conf, /usr/local/nginx/conf, or /usr/local/etc/nginx.

Once you have located the Nginx configuration file, open it in a text editor with the command:

sudo nano /etc/nginx/sites-available/server.conf

Replace the location with the actual location and name of your configuration file.


Note: If you are connecting remotely, make sure you’re logged in through SSL first.  Also, if you are using a graphical interface, you can browse to the file location instead of using terminal commands.


Once the configuration file is open for editing, insert one of the code blocks below. Once you are finished editing, save the file and exit. Then, restart the Nginx service with the following command:

sudo service nginx restart

Nginx Redirect all HTTP traffic to HTTPS

Open the Nginx configuration file for editing, then insert the following code:

server {

    listen 80 default_server;


    server_name _;


    return 301 https://$host$request_uri;

}

Here is a breakdown of the commands:

  • Listen 80: This instructs the system to catch all HTTP traffic on Port 80
  • Server_name _;: This will match any hostname
  • Return 301: This tells the browser (and search engines) that this is a permanent redirect
  • https://$host$request_uri: This is a short code to specify the HTTPS version of whatever the user has typed

After editing, all traffic for the HTTP default server redirects to HTTPS.


Note:  This should be the only server block listening on Port 80.  (A server block is a unit of configuration code in Nginx.  It's marked by a name and curly brackets.)


Redirect a Specific Site

You may have multiple servers, but only some of them may require HTTPS. Specify server name in the server block to redirect the selected traffic:

server {

    listen 80 default_server;


    server_name my_app.com;


    return 301 https://my_app.com$request_uri;

}

Replace the name my_app.com with the name of the server you intend to redirect. You may also want to add additional sites by adding another server block. Simply copy the code, and switch out the name of the server.

Accept Only SSL Connections

Add this code to be sure that the server will only accept SSL connections on Port 443:

server {

    listen 443 ssl default_server;

    server_name my_app.com;

}


server {

    listen 443 ssl;

    server_name my_website.com;

}

This code block will set two websites, my_app.com and my_website.com, to accept only SSL connections. You can add additional sites by using additional server blocks.

Nginx Page Redirects

You can use the rewrite code to quickly manage a 301 (permanent) or 302 (temporary) redirect:

Location /index.html {

       rewrite ^/oldURL$ https://www.your_domain.com/newURL redirect;

}

Most of the time, the location will be index.html, but you can specify any path/pattern.

Make note that the rewrite command should only be used with 301 or 302 redirects.

How to Redirect a Domain With Nginx

This is useful if you have changed from a vanity extension (like .biz or .net) to a standard .com address. It can also be used to redirect from an old domain name to a new domain name.

server {

    listen 80;

    listen 443 ssl;

    server_name www.old_company.com;

    return 301 $scheme://www.new_company.com$request_uri;

}

For most instances, the return command is preferred to the rewrite command.

Redirect from www website to non-www website

This process is similar to a standard page redirect:

server {

    server_name www.new_company.com;

    return 301 $scheme://new_company.com$request_uri;

}

Reasons to Redirect Traffic

There are several reasons to redirect HTTP traffic to HTTPS. You may need to:

  • Force a more secure, encrypted connection.
  • Keep a page with good SEO ranking, but send its traffic to a new page.
  • Notify and temporarily send traffic to an “under maintenance” page.
  • Permanently send traffic from one website to another, i.e. after a corporate merger.

Conclusion

Now you know how to redirect HTTP to HTTPS in Nginx. By editing the configuration file, you can send traffic from a specific destination to a different site and enforce the use of SSL certificates. This helps you safely manage changes to your website without disrupting the user experience.