From 6311f1edc90f5a5327ca496f2fe03e833d98f130 Mon Sep 17 00:00:00 2001
From: Patrick ZAJDA <patrick@zajda.fr>
Date: Sat, 3 Aug 2019 16:44:50 +0200
Subject: [PATCH] Put http to https redirect before SEO in Nginx virtualhost.
 It makes better the compliance with HSTS, http to https redirect must be done
 before domain to www.domain.

---
 server/conf/nginx_vhost.conf.master | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/server/conf/nginx_vhost.conf.master b/server/conf/nginx_vhost.conf.master
index e78a107c77..b1db61fe1c 100644
--- a/server/conf/nginx_vhost.conf.master
+++ b/server/conf/nginx_vhost.conf.master
@@ -25,6 +25,13 @@ server {
 
         root   <tmpl_var name='web_document_root_www'>;
 		
+<tmpl_if name='ssl_enabled'>
+<tmpl_if name='rewrite_to_https' op='==' value='y'>
+        if ($scheme != "https") {
+            rewrite ^ https://$http_host$request_uri? permanent;
+        }
+</tmpl_if>
+</tmpl_if>
 <tmpl_if name='seo_redirect_enabled'>
         if ($http_host <tmpl_var name='seo_redirect_operator'> "<tmpl_var name='seo_redirect_origin_domain'>") {
             rewrite ^ $scheme://<tmpl_var name='seo_redirect_target_domain'>$request_uri? permanent;
@@ -40,13 +47,6 @@ server {
             rewrite ^<tmpl_var name='local_redirect_exclude'>(.*)$ <tmpl_var name='local_redirect_target'>$2 <tmpl_var name='local_redirect_type'>;
         }
 </tmpl_loop>
-<tmpl_if name='ssl_enabled'>
-<tmpl_if name='rewrite_to_https' op='==' value='y'>
-        if ($scheme != "https") {
-            rewrite ^ https://$http_host$request_uri? permanent;
-        }
-</tmpl_if>
-</tmpl_if>
 
 <tmpl_loop name="own_redirects">
 <tmpl_if name='use_rewrite'>
-- 
GitLab