From e330abd587c6419d3bd51d7c7e24834959a1ff1c Mon Sep 17 00:00:00 2001 From: ikarus Date: Sun, 1 Feb 2015 01:32:07 +0100 Subject: [PATCH] do better redirection from http to https Redirect using the 'return' directive and the built-in variable '$request_uri' to avoid any capturing, matching or evaluation of regular expressions. It's best practice. See: http://wiki.nginx.org/Pitfalls#Taxing_Rewrites --- conf/nginx.conf | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 6f00ac07..0ca25269 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -7,7 +7,10 @@ server { server_name $HOSTNAME; root /tmp/invalid-path-nothing-here; - rewrite ^/(.*)$ https://$HOSTNAME/$1 permanent; + # Redirect using the 'return' directive and the built-in + # variable '$request_uri' to avoid any capturing, matching + # or evaluation of regular expressions. + return 301 https://$HOSTNAME$request_uri; } # The secure HTTPS server.