hey mlybrand, You can check the redirecting behaviour with CURL. Use, $ curl -I -k http://example.org # to get only the respond header and dont validate the ssl cert Also, maybe try "return 301 https://$host$request_uri;" over "rewrite ^(.*) https://$host$1 permanent;", and check the with curl, again. Good luck and have a nice week! ~ed