Change website

From Jan 16 2015,


All post content will be move to we's offical website with many content...

Can access website here: http://justox.com

Thanks for your visit!

Friday 27 December 2013

Nginx Redirect All HTTP Request To HTTPS Rewrite Rules

have setup nginx as a secure reverse proxy server. How do I redirect all http://example.com/ requests (traffic) to https://example.com/ under nginx web server?



The syntax is as follows. You need to add the following in location or server directives:



if ($host ~* ^(example\.com|www\.example\.com)$ ){
  rewrite ^/(.*)$ https://example.com/$1 permanent;
}
OR better use the following rewrite:
rewrite ^ https://$server_name$request_uri? permanent;
Edit nginx.conf, enter:
# vi nginx.conf
You need to define both http and https server as follows:
 
## our http server at port 80
server {
      listen      1.2.3.4:80 default;
      server_name example.com www.example.com;
      ## redirect http to https ##
      rewrite        ^ https://$server_name$request_uri? permanent;
}
 
## Our https server at port 443. You need to provide ssl config here###
server {
      access_log  logs/example.com/ssl_access.log main;
      error_log   logs/example.com/ssl_error.log;
      index       index.html;
      root        /usr/local/nginx/html;
      ## start ssl config ##
      listen      1.2.3.4:443 ssl;
      server_name example.com www.example.com;
 
     ## redirect www to nowww
      if ($host = 'www.example.com' ) {
         rewrite  ^/(.*)$  https://example.com/$1  permanent;
      }
 
    ### ssl config - customize as per your setup ###
     ssl_certificate      ssl/example.com/example.com_combined.crt;
     ssl_certificate_key  ssl/example.com/example.com.key_without_password;
     ssl_protocols        SSLv3 TLSv1 TLSv1.1 TLSv1.2;
     ssl_ciphers RC4:HIGH:!aNULL:!MD5;
     ssl_prefer_server_ciphers on;
     keepalive_timeout    70;
     ssl_session_cache    shared:SSL:10m;
     ssl_session_timeout  10m;
 
    ## PROXY backend
      location / {
        add_header           Front-End-Https    on;
        add_header  Cache-Control "public, must-revalidate";
        add_header Strict-Transport-Security "max-age=2592000; includeSubdomains";
        proxy_pass  http://exampleproxy;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
        proxy_set_header        Host            $host;
        proxy_set_header        X-Real-IP       $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      }
}
 
Save and close the file. Reload or restart the nginx:
# nginx -s reload
Test it:
$ curl -I http://example.com
$ curl -I http://example.com/foo/bar/file.html
Sample outputs:
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 01 Dec 2012 23:49:52 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://example.com/
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)