https to http error "too many redirects"

Daniël Mostertman daniel at
Fri Mar 20 09:35:49 UTC 2015

You said that in your configuration, you have the following line:

# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;

This makes nginx send a HSTS header to browsers that visit the website. 
With this, you tell the browser to always use https:// and never use 
http://, for the whole website.
If you do not disable this, any and all requests done to the site will 
make sure that any requests for the next 6 months of that visit (you set 
it to 6 months), will always, no matter what the user or redirect 
types/does, use https://.

If you want to avoid this behaviour, you should first reduce the 
duration of the header (max-age=) to 1 second, so that browsers will 
reduce the remaining time to 1 second.
Then disable it after a few days/a week, depending on how long you think 
users take to return to your website.

jinwon42 schreef op 20-3-2015 om 10:20:
> You should set it to 1 for a while and then disable it.
> What's mean?
> How can i do? Please teach me.
> Thanks
> Posted at Nginx Forum:,257458,257472#msg-257472
> _______________________________________________
> nginx mailing list
> nginx at

More information about the nginx mailing list