Enforce HTTPS on your Nuxt app with Koa backend


1.2.14 years ago4 years agoMinified + gzip package size for @ax2/redirect-ssl in KB



Enforce HTTPS on your Nuxt app with Koa or Express backend


Install package

yarn add @ax2/redirect-ssl

Require and use middleware (Make sure adding it as the first in the chain)

const redirectSSL = require('redirect-ssl')

// Add middleware

// Or if want to provide options
app.use(redirectSSL.create({ redirectPort: 8443 }))



  • Default: true

Trust and check x-forwarded-proto header for HTTPS detection.


  • Default: process.env.NODE_ENV === 'production'

Only enabled in production environment. Force redirecting locally by setting this option to true.


  • Default: 443

Redirect users to this port for HTTPS. (:443 is omitted from URL as is default for https:// schema)


  • Default: undefined

Redirects using this value as host, if omitted will use request host for redirects.

NOTE It should not contain schema or trailing slashes. (Example: google.com)


  • Default: true

Redirect when no SSL detection method is available too. disable this option if you encounter redirect loops.

Status Code

  • Default: 307 Temporary Redirect

Status code when redirecting. The reason of choosing 307 for default is:

  • It prevents changing method from POST TO GET by user agents. (If you don't care, use 302 Found)
  • Is temporary so if for any reason HTTPS disables on server clients won't hurt. (If you need permanent, use 308 Permanent Redirect or 301 Moved Permanently)
  • See This question, 307 on MDN, and RFC 7231 section 6.4.7 for more info.


  • Default: [] An array of routes patterns for which redirection should be disabled.


MIT - Ax2

If you find any bugs or have a feature request, please open an issue on github!

The npm package download data comes from npm's download counts api and package details come from npms.io.