Forcing SSL with nginx and Apache

Not really difficult but I guess it would be useful for some people.

First one is for nginx: create a file called `force-ssl.conf` and put in nginx’s config directory (check by `nginx -V`). And its content is:

if ($scheme = http) {
rewrite ^ https://$host$request_uri? permanent;
}

Include this file (by `include force-ssl.conf;`) in any `location … { }` block you want to force SSL on.

As for Apache, we can do it by using the usual `.htaccess` (and put in corresponding directories):

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI}

The nginx rule is written by me, Apache rule is written by [someone on internet](http://joseph.randomnetworks.com/2004/07/22/redirect-to-ssl-using-apaches-htaccess/) with minor fix on skipping regex capture (`(.*)` replaced by `^`).

Leave a Reply

Your email address will not be published. Required fields are marked *