Nginx redirect HTTP to HTTPS

Hypertext Transfer Protocol Secure(HTTPS) is an extension of the Hypertext Transfer Protocol(HTTP). It is used for secure communication over a computer network, and is widely used on the Internet. Using HTTPS, the communication protocol is encrypted using Transport Layer Security(TLS) or, formerly, its predecessor, Secure Sockets Layer(SSL). This article provides a simple step by step guide to secure your Nginx Web Server using HTTPS and redirect all HTTP request to HTTPS.


  • Nginx redirect HTTP to HTTPS
  • How to redirect HTTP request to HTTPS using Nginx?
  • Easy steps to configure Nginx Web Server to redirect HTTP traffic to HTTPS?
  • How to Secure Nginx Web server?
  • How to configure Nginx to redirect all HTTP request to HTTPS?
  • How to configure Nginx to redirect HTTP request of specific domain to HTTPS site of that domain?


  • Linux
  • Centos
  • RHEL
  • Ubuntu
  • Debian
  • Suse
  • Arch Linux
  • Windows


Specific domain or site redirection

In this article we will use the following as a sample domain name to fulfill the requirement to redirect ALL HTTP traffic or requests coming for to HTTPS site of

  • Edit nginx.conf file or your specific virtual host configuration file.
  • Change or replace your configuration with the following sample configuration.
  • If you are directly copying the following sample configuration to your web server, make sure to replace the domain name with your domain name.

#HTTP Configuration
server {
   # Nginx listens on TCP port 80
    listen 80;

    # Virtual host or domain declaration

    ## Site redirection
    return 301 https://$host$request_uri;

  • In the above configuration, Nginx listens TCP port 80 for the domain name and
  • As per above configuration, if Nginx receives HTTP request on TCP port 80 for and domain, it will redirect the request to HTTPS version of the same site.

Sample HTTPS configuration.
  • In order to get HTTP to HTTPS redirection working for the same site, we must have HTTPS configuration present for the same site.

  • Following are the sample HTTPS configuration of HTTPS site.

#HTTPS Configuration
server {
   # Nginx listens on TCP port 443 for HTTPS
    listen 443 ssl;

   # Site log configuration
    access_log /var/log/nginx/;
    error_log /var/log/nginx/;

     # Virtual host configuration

     # SSL Configuration
    ssl_certificate     /etc/nginx/ssl/tekfik.pem;
    ssl_certificate_key /etc/nginx/ssl/key.pem;

# Document Root
   root  /var/webroot/;
   index index.html index.php;

  • The above HTTPS configuration is a self-explanatory HTTPS configuration.

  • If you are looking for a self-signed SSL certificate for your internal or external website, refer to the following article.

All-Site redirection

  • Here nginx server listens on TCP port 80 for all websites irrespective of any domain or subdomain.
  • This configuration is suitable if you host multiple websites on a single Nginx web server.
  • Nginx simply receives request on port 80 for all websites and redirects the request to the HTTPS version of the requested website or domain.
server {
    # default_server means, default http server on port 80. 
    listen 80 default_server;

    # under score(_) after server_name means Nginx listens for all domain. 
    server_name _;

    # Nginx redirects HTTP to HTTPS
    return 301 https://$host$request_uri;

  • In order to get the above configuration working, you must have a HTTPS site configuration exists for your HTTPS site. Refer to the above HTTPS site configuration example given for

  • After configuration, perform a nginx syntax validation and then reload or restart nginx service in order to get your configuration working.

Syntax validation
# nginx -t

Restart service
# service nginx restart 


# systemctl restart nginx

You May Also Like


About the Author: TekFik

TekFik is a technical blogging site helps techies and engineers to solve their day to day issues and also allows everyone to share knowledge and feedback. Please feel free to contact us at if there is anything.

Leave a Reply

Your email address will not be published. Required fields are marked *