Configuring Nginx for HTTPS Redirect

    • If you already have nginx deployed, skip to the “Add a website for URL redirect” step.
  • ¬†Assumptions
    • You have an Ubuntu 22.04 Linux server created
      • 4GB of RAM
      • 30GB of Drive Storage
  • Prerequisites
    • You have a DNS “A” record redirecting all subdomains to your machine.
      • For instance, if your domain is “”, you need to create an A record of “*” to redirect everything to
  • Download openssh (OPTIONAL)
    • This allows the user to ssh into the machine to allow for easier copying and pasting of commands
      • sudo -i
        • This puts the current terminal as a super user (can run commands as an admin).
      • apt-get update
        • Updates the current list of Linux packages.
      • apt-get upgrade
        • Upgrades all of the packages/updates the actual software
      • apt-get install openssh-server
        • This installs openssh so you can ssh to the Linux machine
    • Connect to the Linux machine via SSH (use putty or the cmd)
  • Install nginx
    • apt install nginx
      • This installs the nginx software and engine
    • systemctl status nginx
      • this will check the status of nginx, ensuring the it is running
  • Add a website for URL redirect
    • cd /etc/nginx/sites-available
    • nano
      • You will want this to actually be the URL you are redirecting. For instance, “test” is the subdomain and “” is the domain we own.
    • Add the following configuration to the file
      • server {
        server_name;location / {
        proxy_pass; # Point to test web server
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        • This redirects “” to “”
    • Link sites-available to sites-enabled
      • ln -s /etc/nginx/sites-available/ /etc/nginx/sites-enabled
        • This creates a link from sites-available to sites-enabled to allow nginx to start redirecting/have access to the configuration
    • Test the configuration
      • nginx -t
        • This should have an output such as “the configuration is OK”
    • Restart the nginx service
      • systemctl reload nginx
    • You should now ab able to go to “” to go to the website located at “”
  • Add Certbot and secure the site
    • At this point, you are only redirecting traffic, not adding an SSL certificate. This will add encryption to secure the site.
    • Install certbot and the nginx plugin
      • apt install certbot python3-certbot-nginx
    • Secure your website
      • certbot –nginx -d
    • Go through the installation process. This includes adding a notification email for certificate expiration AND choosing the option for REDIRECTING traffic to HTTPS. This is the second option if you are prompted for it.
    • Restart nginx
      • systemctl reload nginx
  • Connect to your website! It should be secured unless the web app requires further proxy configuration (refer to the webpages documentation for this possibility).

Leave a Reply

Your email address will not be published. Required fields are marked *