server { listen 443; server_name cm.example.com pdf.example.com; ssl on; ssl_certificate /etc/nginx/ssl/example.com/wildcard.example.com.pem; ssl_certificate_key /etc/nginx/ssl/example.com/wildcard.example.com.key; access_log /var/log/nginx/cm.example.com.access.log; error_log /var/log/nginx/cm.example.com.error.log; location / { proxy_pass https://192.168.0.1:8443/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_intercept_errors on; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_redirect off; client_max_body_size 10m; client_body_buffer_size 128k; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; error_page 301 302 307 = @handle_redirect; } location @handle_redirect { set $saved_redirect_location '$upstream_http_location'; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_redirect off; client_max_body_size 10m; client_body_buffer_size 128k; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; # If IP exists just proxy pass if ($saved_redirect_location ~* "192.168.0.1") { proxy_pass $saved_redirect_location; } # If IP doesnt exist append it first if ($saved_redirect_location !~* "192.168.0.1") { proxy_pass https://192.168.0.1:8443/$saved_redirect_location; } } }