ignore_invalid_headers on; server { listen 443 ssl default; root /usr/share/nginx/www; index index.html index.htm; ssl on; ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; ssl_session_timeout 5m; ssl_protocols SSLv3 TLSv1; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; ssl_prefer_server_ciphers on; client_max_body_size 75M; client_body_buffer_size 512k; location /media { alias /home/cloud/circle/circle/static_collected; # your Django project's media files } location /static { alias /home/cloud/circle/circle/static_collected; # your Django project's static files } location /doc { alias /home/cloud/circle-website/_build/html; } location / { uwsgi_pass unix:///tmp/uwsgi.sock; include /etc/nginx/uwsgi_params; # or the uwsgi_params you installed manually } location /vnc/ { proxy_pass http://localhost:9999; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # WebSocket support (nginx 1.4) proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } server { listen 80 default; rewrite ^ https://$host/; # permanent; }