If you want to allow for both http and https requests, but redirect new browsers capable of https to https version, here is simple nginx configuration snippet:
set $do_http_upgrade "$https$http_upgrade_insecure_requests"; location / { if ($do_http_upgrade = "1") { add_header Vary Upgrade-Insecure-Requests; return 307 https://$host$request_uri; } root /var/www/your-website-root; }
$https can be either "on" or empty, $http_upgrade_insecure_requests can be either "1" or empty → this means $do_http_upgrade will be set to "1" only in case request came in via http and browser set the Upgrade-Insecure-Requests header.