If your website is hosted with NGINX and it has SSL enabled, it’s best practice to disable HTTP completely and force all incoming traffic over to the HTTPS version of the website. This avoids having duplicate content and ensures that all of the site’s users are only browsing the secure version of your website. You should also see an SEO boost, as search engines prefer non-redundant and secured web pages.
In this guide, we’ll assume you’re already using NGINX on a Linux system and want to redirect all HTTP traffic to HTTPS. Even if a user happens to follow an http:// link, the site should send them to the correct and secured page, which happens instantly and without the user’s intervention.
There are two ways to setup this redirection in NGINX. One method allows you to configure the redirection for individual sites. The other method can redirect HTTP to HTTPS for all NGINX sites on your server, which is handy if you have multiple sites setup and want to avoid having to apply the exact same redirection to each one. We’ll cover the step by step instructions for both methods below. Let’s get started.
Using Apache instead of NGINX? We’ve written a separate guide for how to use Apache to redirect all HTTP traffic to HTTPS.
In this tutorial you will learn:
- How to redirect HTTP to HTTPS for individual NGINX websites
- How to redirect HTTP to HTTPS for all NGINX websites
| Category | Requirements, Conventions or Software Version Used |
|---|---|
| System | Any Linux distro |
| Software | NGINX |
| Other | Privileged access to your Linux system as root or via the sudo command. |
| Conventions |
# – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command$ – requires given linux commands to be executed as a regular non-privileged user |
Redirect HTTP to HTTPS for individual sites
We’ll need to make changes to NGINX server configuration file in order to redirect traffic. Open it with your preferred text editor.
$ sudo nano /etc/nginx/sites-available/your_conf_file
There should be at least two blocks in this file – one that controls the configuration for HTTP (port 80) connections and one that controls HTTPS (port 443). Under the HTTP portion, insert the following 301 redirect code. Of course, replace the example domain with the domain of your site.
server {
listen 80;
server_name example.com www.example.com;
return 301 https://example.com$request_uri;
}
As you can see, the code listens on port 80 for incoming connections to example.com and www.example.com. It then redirects those connections to the same URL but with https://.
Below the HTTP block, you’ll need an HTTPS block if you haven’t already made one.
server {
listen 80;
server_name example.com www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl;
server_name example.com;
ssl_certificate example.com.crt;
ssl_certificate_key example.com.key;
# other configuration
}
But what about connections to https://www.example.com (notice the www.)? To redirect those connections as well, we’ll need another block with a 301 redirect. In full, the config file would look like this (although yours may have additional configuration):
server {
# redirect all HTTP to HTTPS
listen 80;
server_name example.com www.example.com;
return 301 https://example.com$request_uri;
}
server {
# redirect HTTPS www.
listen 443 ssl;
server_name www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl;
server_name example.com;
ssl_certificate example.com.crt;
ssl_certificate_key example.com.key;
# other configuration
}
Make sure you use a systemctl command to restart or reload NGINX in order for these new changes to take effect.
$ sudo systemctl reload nginx
Your site should now always redirect to a URL with the format of https://example.com, regardless of the link being prefaced by http:// and/or www..
Redirect HTTP to HTTPS for all sites
To redirect the traffic for all your NGINX-hosted websites, enter the following code in your configuration file:
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
This is pretty much the same as the code above, except it uses variable $host so it can be applied to any URL that NGINX is hosting. This method may be a bit more convenient, but you’ll lose some of the granular control you have when each site has its own server blocks. Use your own discretion and pick whichever method you like.
Conclusion
In the vast majority of cases, there’s no reason to continue using HTTP when your site can offer HTTPS. It’s more secure, gives the user peace of mind, and the site will get a little SEO boost. In this article, we saw how easy it was to redirect all traffic to HTTPS and get rid of HTTP entirely. Either of these methods are viable for forcing HTTP traffic over to HTTPS on your website(s).
