### No need to enable the following in wp-config.php # define('FORCE_SSL_ADMIN', true); # define('FORCE_SSL_LOGIN', true); ### Process non-SSL requests server { listen 80; server_name example.com; index index.php; # Replace the path with the actual path to WordPress core files root /home/username/sites/example.com/public; # Process PHP requests location ~ \.php$ { # Request to wp-login to go through HTTPS protocol location ~ /wp-(admin|login) { return 301 https://$host$request_uri; } # Process non-admin requests try_files $uri =404; include "fastcgi.conf"; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_index index.php; fastcgi_pass fpm; } # Nginx way of mod_write location / { try_files $uri $uri/ /index.php$is_args$args; } } server { listen 443 ssl; server_name example.com; index index.php; # Replace the path with the actual path to WordPress core files root /home/username/sites/example.com/public; # Generate Certificates # http://wiki.nginx.org/HttpSslModule#Generate_Certificates ssl_certificate /path/to/combined.crt; ssl_certificate_key /path/to/server.key; # Logs access_log /var/log/nginx/example.com-access.log combined buffer=64k flush=5m if=$loggable; error_log /var/log/nginx/example.com-error.log; # Process requests to wp-admin/* and wp-login.php location ~ /wp-(admin|login) { location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_index index.php; fastcgi_intercept_errors on; fastcgi_pass fpm; include "fastcgi.conf"; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } } # Process non-admin requests include globals/assets.conf; # To avoid displaying posts and post previews in HTTPS location / { return 301 http://example.com$request_uri; } }