When setting up https on an existing server, you need to provide a redirect for all those visitors arriving via http backlinks. Here is how to do this.
Redirects are prone to errors. To avoid setting a redirect for your main server block, divide it into two server blocks: one handling http, the other handling https traffic. Make sure you define server_name correctly or nothing will happen. Put your redirect only in the http server block.
server {
listen 80;
server_name www.servername.tld servername.tld;
return 301 https://www.servername.tld$request_uri;
}
server {
listen 443 ssl http2;
server_name www.servername.tld servername.tld;
root /var/www/www.servername.tld; index index.html index.htm;
# here goes your https certificate setup and related directives
ssl_certificate /etc/letsencrypt/live/servername.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/servername.tld/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf; #see other posts on cloudinsidr.com for details
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; #see other posts on cloudinsidr.com for details
# define your location blocks
location /* {
root /var/www/www.servername.tld;
index index.html index.htm;
try_files $uri $uri/ ; }
# whatever else you need goes in here
}
Leave a Reply