Configure https for nginx


HTTPS is an advanced data transfer protocol that supports encryption. Install free ssl certificate from Lets Encrypt. Ubuntu server operating system


Get a certificate

sudo letsencrypt certonly -a webroot --webroot-path=/var/www/ -d -d


sudo letsencrypt renew

nginx config

server {
    listen 80 ;
    return 301 https://$server_name$request_uri;
server {
  # SSL configuration
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  ssl_certificate /etc/letsencrypt/live/;
  ssl_certificate_key /etc/letsencrypt/live/;
  ssl_trusted_certificate /etc/letsencrypt/live/;
  add_header Content-Security-Policy "img-src https: data:; upgrade-insecure-requests";
  # We keep access log:
  access_log  /var/log/nginx/site.com_access.log;
  # We share static and dynamic, static stored in cache for 10 days:
      location ~* \.(jpg|jpeg|gif|png|ico|css|bmp|swf|js|doc|docx|pdf|xls|xlsx|rar|zip|tbz|7z|exe)$ {
      root /var/www/;
      expires 10d;
  # htaccess and htpasswd do not give:
      location ~ /\.ht {
          deny  all;
  # We want to see statistics when accessing the /stat folder
  location = /stat {
      stub_status on;
      access_log  off;
  location / {
      proxy_redirect     off;
      log_not_found      off;
      proxy_set_header   X-Real-IP $remote_addr;
      proxy_set_header   Host $http_host;
      proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header   HTTPS on;

Do not forget to restart nginx

sudo /etc/init.d/nginx restart
blog comments powered by Disqus