Using HTTPS is highly recommended and I cannot stop when explaining the benefits of using it! Also something which is more important is to make sure when HTTPS is setup it is ensured that all traffic via HTTP is blocked in a way that it is redirected to HTTPS. This can be easily achieved by giving NGINX the following set of instructions in the virtual server configurations.
Begin by setting up the virtual server for your application so that a domain name points to it. A simple virtual server configuration using SSL is as follows
server { listen 443 ssl; server_name example.com; ssl_certificate /path/to/your/example.com.crt; ssl_certificate_key /path/to/your/example.com.key; root /path/to/your/content; index index.html; include /etc/nginx/mime.types; }
Now setup the redirect from HTTP to HTTPS using:
server { listen 80; server_name example.com; return 301 https://example.com$request_uri; }
this redirects http://example.com to https://example.com along with the URI in the request using the return directive and status code 301. For example,
http://example.com/user/1 would be redirected to https://example.com/user/1.
This article was first published on the Knoldus blog.
No comments:
Post a Comment