I'm hosting a website behind a Cloudflare proxy, which means that all requests to my server are over port 80, even though Cloudflare handles HTTP (port 80) and HTTPS (port 443) traffic.
To distinguish between the two, Cloudflare includes an X-Forwarded-Proto
header which is set to "http" or "https" based on the user's connection.
I would like to redirect every request with an X-Forwarded-Proto: http
header to the SSL version of my site. How can I achieve this with an nginx configuration?
The simplest way to do this is with an if
directive. If there is a better way, please let me know, as people say the if
directive is inefficient. Nginx converts dashes to underscores in headers, so X-Forwarded-Proto
becomes $http_x_forwarded_proto
.
server {
listen 80;
server_name example.com; # Replace this with your own hostname
if ($http_x_forwarded_proto = "http") {
return 301 https://example.com$request_uri;
}
# Rest of configuration goes here...
}