Forcing SSL on Nginx

Page Header
So I was looking through the domain names that I own, and found I had purchased an SSL cert and never claimed it.

So now this site is SSL-Enabled with a trusted cert, rather than the self-signed cert I was using before.

It took me a couple of goes to get forced-SSL working though, as most of the Nginx tutorials weren’t working for me. I got stuck in a couple of redirect loops or nginx would refuse to start. In all honesty I really have little clue as to what I’m doing with nginx, as it’s not something I really look at very often.

In any case, this is the configuration that got it working for me in the end (thanks to this digital ocean answer). I simply just had to add the if ($scheme = http) part at the end of my server config file:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# editing /etc/nginx/conf.d/timothy-quinn.conf
server {
listen 80;
listen 443 ssl;
server_name timothy-quinn.com www.timothy-quinn.com;
ssl_certificate /path/to/ssl/certificate.crt;
ssl_certificate_key /path/to/ssl/key.key;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://address:port;
}
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
}

Update: Interestingly, I get 502 Gateway errors from Ghost when trying to Publish if I omit the “www” from my site address. I didn’t notice this before because I wasn’t get redirected to the site with the “www” before. Interesting side-effect.