Force HTTPS Requests: Difference between revisions
No edit summary |
No edit summary |
||
| (One intermediate revision by the same user not shown) | |||
| Line 17: | Line 17: | ||
Some sources claim that this can be put into a separate configuration file, e.g. `/etc/nginx/conf.d/000_https_redirect_custom.conf`, but I did not have luck doing this. http and https requests were still both successfully, but http requests were not redirected. | Some sources claim that this can be put into a separate configuration file, e.g. `/etc/nginx/conf.d/000_https_redirect_custom.conf`, but I did not have luck doing this. http and https requests were still both successfully, but http requests were not redirected. | ||
[[Category:Web Development]] | Also I was not able to create configuration directives that were capable of inserting this configuration on the server. With each application deploy nginx configuration files are set back to their defaults, wiping out SSL/TLS certificate and HTTPS redirects. These must be manually reinstated through a ssh connection to the server and manually editing `/etc/nginx/nginx.conf`. (There is a bash script that will make the edits in the ec2-user home directory. | ||
[[Category:Elastic Beanstalk]] [[Category:Web Development]] | |||
Latest revision as of 04:15, 13 June 2020
Overview[edit]
How to force all requests to a web server to be secure, i.e. https.
nginx[edit]
Edit the following to the nginx server configuration file, e.g. /etc/nginx/nginx.conf:
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
Some sources claim that this can be put into a separate configuration file, e.g. /etc/nginx/conf.d/000_https_redirect_custom.conf, but I did not have luck doing this. http and https requests were still both successfully, but http requests were not redirected.
Also I was not able to create configuration directives that were capable of inserting this configuration on the server. With each application deploy nginx configuration files are set back to their defaults, wiping out SSL/TLS certificate and HTTPS redirects. These must be manually reinstated through a ssh connection to the server and manually editing /etc/nginx/nginx.conf. (There is a bash script that will make the edits in the ec2-user home directory.