A basic config for forcing HTTPS.
//Default website
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name ntalam.com www.ntalam.com;
return https://ntalam.com$request_uri;
...
}
//Website 2
server {
listen 80;
listen [::]:80;
server_name proxy.ntalam.com;
return https://proxy.ntalam.com$request_uri;
...
}
//Reading from port 443
server {
server_name ntalam.com www.ntalam.com;
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
root /path/to/ntalam_com;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
ssl_certificate /etc/letsencrypt/live/ntalam.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ntalam.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}