To make sure that your visitors always will be using an secured connection to your website, you have to redirect visitors that are making the first connection via HTTP. Here we make use of the permanent HTTP redirect code (HTTP status 301).

The following steps describe the configuration of Nginx to have the website loaded completely over HTTPS. Please read our background information on Securing your complete website with SSL

Configuring HTTPS per website

To comply with the specs you should first redirect visitors entering via HTTP to HTTPS. We need to configure this per worker (website), the configuration file for your site probably sits in /etc/nginx/sites-available/.

 

server {
       listen         80;
       server_name    www.servercertificates.com;
       return         301 https://$server_name$request_uri;
}

Note that the server_name needs to be changed to your own domainname and the HTTPS version of your site is available, before creating the redirect.

+ Recent posts