How to redirect HTTP traffic to HTTPS in Nginx and Apache.

How to redirect HTTP traffic to HTTPS in Nginx and Apache

 You should always use HTTPS instead of HTTP to protect your website, even if it doesn’t handle sensitive communications. The main reasons to use HTTPS are:

• Security – this is the main and most important reason to use HTTPS,  all communications between the visitor’s browser and the website are encrypted.
• SEO – Google uses HTTPS as a ranking signal, which means that if your website is using HTTPS it may get a certain boost in Google rankings.
• Browser warnings –  if you are not using HTTPS, Google Chrome and other browsers will flag your site as “Not Secure”.
• Trustworthiness – people usually trust a website much more if they have an SSL certificate.

To use HTTPS, you’ll need an SSL Certificate.

1. Redirect HTTP to HTTPS using Apache mod_rewrite

To automatically redirect all your visitors to the HTTPS version of your site, add the following code in your site .htaccess file

RewriteEngine On
# redirect http to https
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

If you want to redirect all your visitors to the HTTPS NON-WWW version of your, site use the following code:

RewriteEngine On
# redirect all www to https non-www
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [L,R=301]
# redirect http non-www to https non-www
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

and to redirect all your visitors to the HTTPS WWW version of your site, use the following code:

RewriteEngine On
# redirect all non-www to https www
RewriteCond %{HTTP_HOST} !^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://www.%1/$1 [L,R=301]
# redirect http www to https www
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

2. Redirect HTTP to HTTPS with Nginx

We need to create three server blocks, one for HTTP, one for HTTPS NON-WWW and one for HTTPS WWW versions of the site. The first server block will redirect all visitors entering the site via HTTP to HTTPS and the two other blocks will redirect visitors entering the site via WWW to NON-WWW or vice-versa.
To redirect all HTTP and HTTPS NON-WWW traffic to HTTPS WWW, use the following code:

server {
  listen [::]:80;
  listen 80;

  server_name yourdomain.com www.yourdomain.com;

  # redirect http to https www
  return 301 https://www.yourdomain.com$request_uri;
}

server {
  listen [::]:443 ssl http2;
  listen 443 ssl http2;

  server_name yourdomain.com;

  # SSL code

  # redirect https non-www to https www
  return 301 https://www.yourdomain.com$request_uri;
}

server {

  listen [::]:443 ssl http2;
  listen 443 ssl http2;

  server_name www.yourdomain.com;

  # SSL code
  # other code
}

and to redirect all HTTP and HTTPS WWW traffic to HTTPS NON-WWW, use the following code:

server {
  listen [::]:80;
  listen 80

  server_name yourdomain.com www.yourdomain.com;

  # redirect http to https non-www
  return 301 https://yourdomain.com$request_uri;
}

server {
  listen [::]:443 ssl http2;
  listen 443 ssl http2;

  server_name www.yourdomain.com;

  # SSL code

  # redirect https non-www to https www
  return 301 https://yourdomain.com$request_uri;
}

server {

listen [::]:443 ssl http2;
listen 443 ssl http2;

  server_name yourdomain.com;

  # SSL code
  # Other code
}

Don’t forget to replace ‘yourdomain.com’ with your actual domain name.