Website goes unresponsive after directing to https in nginx server

Question

I have a web application in django framework and I have setup an nginx server to serve the site. I have also setup SSL into the site. The site works fine with both http and https.

Now I want to direct all http requests to https so my users always use the secure version.

Here is my nginx config:

server {
    listen 80;
    listen 443 ssl;
    server_name site.com www.site.com;
    ssl_certificate /path/to/SSL;
    ssl_certificate_key /path/to/SSL/key;
    location = /favicon.ico { access_log off; log_not_found off; }
    location /site_media/static/ {
        alias /home/user/folder/static/dist/;
    }
    location / {
        include         uwsgi_params;
        uwsgi_pass      unix:/tmp/site.sock;
    }
}

Now when I insert a 301 redirect to https and restart the server, the site goes unresponsive.

return         301 https://$server_name$request_uri;

into my

server { ... }

Any idea how to fix this issue, any suggestions would be highly appreciated.

Answer 1

Placing an unprotected return statement into the server block will attempt to redirect both the http and https sites, resulting in a loop. You could place the return statement inside an if block and detect when the protocol is not https, or the more common solution is split the configuration across two server blocks, for example:

server {
    listen 80;
    server_name site.com www.site.com;
    return 301 https://$host$request_uri;
}
server {
    listen 443 ssl;
    server_name site.com www.site.com;
    ssl_certificate /path/to/SSL;
    ssl_certificate_key /path/to/SSL/key;
    location = /favicon.ico { access_log off; log_not_found off; }
    location /site_media/static/ {
        alias /home/user/folder/static/dist/;
    }
    location / {
        include         uwsgi_params;
        uwsgi_pass      unix:/tmp/site.sock;
    }
}