CloudStick is a server control panel for developers and agencies that lets you manage cloud servers on AWS, DigitalOcean, Vultr, Linode, and Hetzner without using the command line. Plans start at $9/month — the Basic plan covers 1 server with unlimited websites; Pro at $19/month and Business at $49/month cover unlimited servers.

Will features I pay for ever get moved to a higher plan?

No. CloudStick is committed to keeping all features you currently pay for within your existing plan. New features may be added to higher tiers, but existing plan features will never be removed or require a forced upgrade.

What happens to my servers if I cancel CloudStick?

Your servers remain fully operational after cancellation. CloudStick does not host your servers — it manages them. If you cancel, you lose access to the CloudStick dashboard, but your servers continue running on your cloud provider.

Is there a free trial for CloudStick?

Yes. CloudStick offers a 7-day free trial on all paid plans with no credit card required. You can explore every feature and upgrade, downgrade, or cancel at any time during or after the trial.

WEB SERVER

June 23, 2026

How to Redirect HTTP to HTTPS in Nginx

6 min read

CloudStick Team

WordPress Engineer

Share this article

HTTP to HTTPS in Nginx

Why the HTTP to HTTPS Redirect Matters

Installing an SSL certificate is only half the job. Without an explicit redirect, visitors who type your domain without https:// or follow an old http:// link land on the unencrypted version of your site. Browsers mark HTTP pages as "Not Secure", which hurts trust and conversion. Google also ranks HTTPS pages higher as a confirmed ranking signal.

The redirect must be a 301 (permanent) response, not a 302 (temporary). A 301 tells search engines to transfer all SEO equity from the HTTP URL to the HTTPS URL. A 302 does not — search engines may continue indexing the HTTP version and split page authority between the two URLs.

Simple HTTP to HTTPS Redirect

The cleanest approach uses a dedicated server block for port 80 that does nothing except redirect all traffic to the HTTPS equivalent. The $host variable preserves the requested hostname (works for both www and non-www), and $request_uri preserves the full path including query strings.

# Dedicated redirect block for HTTP
server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;
    return 301 https://$host$request_uri;
}

TIP

Use return 301 instead of rewrite ^ https://... permanent. The return directive is processed immediately by Nginx without running regex matching — it is faster, cleaner, and less prone to misconfiguration.

WWW to Non-WWW (or Vice Versa)

Google treats www.example.com and example.com as separate URLs. Serving content on both without a canonical redirect splits PageRank and can cause duplicate content issues. Choose one version as canonical — most modern sites use non-www — and redirect the other.

# Redirect www to non-www (HTTPS)
server {
    listen 443 ssl;
    server_name www.example.com;
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    return 301 https://example.com$request_uri;
}

301 vs 302: Which to Use?

A 301 redirect is permanent — search engines update their index to point to the new URL, browsers cache the redirect indefinitely, and PageRank transfers fully. A 302 redirect is temporary — search engines keep the original URL in their index and may or may not pass PageRank to the destination.

Use 301 for HTTP-to-HTTPS redirects and www canonicalization — these are permanent decisions. Use 302 only for genuinely temporary redirects, such as redirecting users during maintenance, or A/B testing where you intend to revert. If you accidentally used 302 and now want search engines to re-crawl with 301, they will update gradually but it can take weeks for the cache to expire.

Complete Configuration: Three Server Blocks

The complete production setup uses three server blocks: one for HTTP redirecting to HTTPS, one for www redirecting to non-www (HTTPS), and one for the canonical HTTPS non-www domain serving actual content.

# Block 1: HTTP -> HTTPS redirect
server {
    listen 80;
    server_name example.com www.example.com;
    return 301 https://example.com$request_uri;
}
# Block 2: www HTTPS -> non-www HTTPS
server {
    listen 443 ssl;
    server_name www.example.com;
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    return 301 https://example.com$request_uri;
}
# Block 3: canonical HTTPS server
server {
    listen 443 ssl;
    server_name example.com;
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    root /var/www/example.com/public;
    # ... rest of your site config
}

Verify the Redirect Chain

Test that the redirect works and that there are no redirect loops. A redirect loop happens when your application redirects back to HTTP (common with misconfigured WordPress HTTPS settings), causing an infinite cycle. CloudStick handles SSL configuration and HTTPS redirect automatically — when you enable SSL through the CloudStick dashboard, the correct redirect blocks are added without requiring manual configuration.

# Check redirect with curl (follow chain)
curl -I -L http://example.com/
# Expected output:
# HTTP/1.1 301 Moved Permanently
# Location: https://example.com/
# HTTP/2 200