Last updated on July 16th, 2024 at 06:30 am
Today most websites around the world use HTTPS protocol. It is safe and secure and encrypts all data exchanged between client browser and server. One you can configured your website to be served over HTTPS then you need to redirect HTTP to HTTPs or enforce HTTPS on your website. In this article, we will look at how to redirect HTTP to HTTPS in NGINX.
Why Redirect HTTP to HTTPS
When site administrators enable HTTPS on their website, they redirect all HTTP pages to be served via HTTPS. If you do not do this, then your web pages will be available via both HTTP and HTTPS. The very reason we use HTTPS to protect our website and prevent attackers from snooping into our data served over HTTP. If we do not redirect HTTP to HTTPS then it defeats the purpose of enabling SSL/TLS on our site. Secondly, if our web pages are available over both HTTP as well HTTPS then search engines may see it as duplicate content and push down our website in search results, or even penalize it completely. So it is essential to not only setup HTTPS for our website but also redirect HTTP to HTTPS afterwards.
How To Redirect HTTP to HTTPS in NGINX
Here are the steps to redirect HTTP to HTTPS in NGINX.
1. Backup NGINX Configuration File
We will need to modify NGINX configuration file or virtual host file, whichever works for you. Before you do that, it is necessary to take a backup of this file so that it is easy to recover in case something goes wrong.
$ sudo cp /etc/nginx/nginx.conf /etc/nginx/backup-nginx.conf
2. Open NGINX configuration file
Open terminal and run the following command to open NGINX server configuration file.
$ sudo vi /etc/nginx/nginx.conf
If you have configured separate virtual hosts for your website (e.g www.example.com), such as /etc/nginx/sites-enabled/website.conf then open its configuration with the following command
$ sudo vi /etc/nginx/sites-enabled/website.conf
Alternatively, you can also open the default virtual host configuration file.
$ sudo vi /etc/nginx/sites-enabled/default
3. Redirect HTTP to HTTPS
There are multiple ways to redirect HTTP to HTTPS. Before you redirect your site, it is important to understand the difference between URL rewrite vs redirect. Once you know it, you can choose to proceed as shown below.
Redirect all URL to HTTPS
Here is the server configuration if you want to redirect all URL to HTTPS.
server { listen 80 default_server; server_name _; return 301 https://$host$request_uri; }
In the above code, we specify the following
Listen 80
: Listen to all HTTP traffic on Port 80Server_name _;
: Match any hostnameReturn 301
: Indicates that this is a permanent redirecthttps://$host$request_uri
: Redirect to the HTTPS version of requested URL
The above configuration works for all websites hosted on your server mainly because ‘server_name _’ listens to all hostnames in request.
Redirect Specific Website or Domain
If you want to redirect a specific website or domain, modify server name directive as shown below. Replace example.com with your domain name.
server { listen 80 default_server; server_name example.com; return 301 https://example.com$request_uri; }
The above config works for only example.com since we have mentioned ‘server_name example.com’.
Redirect Specific URL
If you want to redirect only a specific URL (e.g. index.html), add a rewrite statement in its location block, as shown below. Replace example.com with your domain name.
Location /index.html { rewrite ^/index.html$ https://example.com/index.html redirect; }
4. Restart NGINX Server
Run the following command to check syntax of your updated config file.
$ sudo nginx -t
If there are no errors, run the following command to restart NGINX server.
$ sudo service nginx reload #debian/ubuntu $ systemctl restart nginx #redhat/centos
5. Verify
Open web browser and request the HTTP version of any web page on your website. It should automatically redirect you to the HTTPS version. You can verify it by clicking on the address bar to see the full URL of final page after redirection.
Conclusion
Hopefully, this article will help you redirect HTTP to HTTPS in NGINX. As mentioned earlier, it is essential to setup SSL/TLS on your website so that all web pages can be served via HTTPS. Once you do this, you need to also redirect all HTTP pages to their HTTPS version. Otherwise, your web pages will be available via both HTTP as well as HTTPS and it will defeat the purpose of encrypting your web pages using HTTPS connection.
Ubiq makes it easy to visualize data, and monitor them in real-time dashboards. Try Ubiq for free.
Also read :
How to Configure Basic Authentication in NGINX
How to Install Let’s Encrypt in NGINX
Rewrite vs Redirect in NGINX
How to Create Custom 404 Page in NGINX
How to Limit Download Speed in NGINX
Sreeram Sreenivasan is the Founder of Ubiq. He has helped many Fortune 500 companies in the areas of BI & software development.