### redirect to secure site

server {
    listen 80;
    server_name default_server;

    # redirect to properly formed HTTPS location
    location / {
        return 301 https://$host$request_uri;
    }
    
    # process Let's Encrypt challenges
    location ^~ /.well-known/acme-challenge {
        # log requests for security reasons
        access_log /var/log/nginx/LetsEncrypt_access.log main;
        error_log /var/log/nginx/LetsEncrypt_error.log warn;

        default_type text/plain;
        root /usr/share/nginx/html/letsencrypt;
        autoindex on;
    }
}