Redirecting any HTTP request to HTTPS with NGINX, is as easy as listening to port 80 and redirecting (301 Moved Permanently) to the equivalent HTTPS URL.
The TLS certificate used for HTTPS on vallentin.dev, was acquired from Let's Encrypt which is a free SSL/TLS certificate authority.
server {
listen 80;
server_name vallentin.dev *.vallentin.dev;
return 301 https://vallentin.dev$request_uri;
}
server {
listen 443 ssl;
server_name vallentin.dev *.vallentin.dev;
ssl_certificate /etc/letsencrypt/live/vallentin.dev/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/vallentin.dev/privkey.pem;
add_header Strict-Transport-Security "max-age=31536000";
# Rest of the server configuration
}
Change the domains and filenames as needed.
Redirect www to non-www
Redirecting www to non-www and vice versa, can be done using a similar approach. Instead of being port specific, have a server block that catches www and non-www server_names and then redirect to the desired www or non-www equivalent URL.
The following snippet redirects any HTTP to HTTPS and www to non-www.
server {
listen 80;
server_name vallentin.dev www.vallentin.dev;
return 301 https://vallentin.dev$request_uri;
}
server {
listen 443 ssl;
server_name www.vallentin.dev;
ssl_certificate /etc/letsencrypt/live/vallentin.dev/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/vallentin.dev/privkey.pem;
add_header Strict-Transport-Security "max-age=31536000";
return 301 https://vallentin.dev$request_uri;
}
server {
listen 443 ssl;
server_name vallentin.dev;
ssl_certificate /etc/letsencrypt/live/vallentin.dev/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/vallentin.dev/privkey.pem;
add_header Strict-Transport-Security "max-age=31536000";
# Rest of the server configuration
}
Change the domains and filenames as needed.
Search Engine Optimization
Google's ranking algorithm takes into account whether a website uses HTTPS. As such in terms of page ranking, it is possible to benefit by using or even better forcing HTTPS.