Nginx now supports redirects. New template: nginx_redirect.conf Also changed: 1) With Nginx, both the password protected directories and redirect use a "location /" section. There cannot be two, so it was decided that if you've got duplicates, the password protected directory would win, and the redirect would be skipped. If you do need a password protected redirect, then just password protect a directory, and do the redirect with an index.php. 2) The order of the locations matters. It was discovered that the / location would trump another /sub location. As such, both the redirects and password protected directories are going to be sorted (within their types), from the longest location path, to the shortest. So if you have /, it will be last, for that type (type being password protection vs redirects: they don't be mixed.. it's all sorted redirects listed first, then all sorted password protection) 3) Password protected directories on Subdomains: If you protect the folder: /domains/domain.com/public_html/subdomain for subdomain.domain.com, the location actually need to be: location / and not /subdomain. The nginx.conf writing code will figure that out and only include location paths that start with /subdomain/ or that are exactly /subdomain, and will swap them to be /. Eg: ".../public_html/subdomain/folder" becomes "location /folder/". Note that the protection will still exist as "location /subdomain/folder/" within the server entry for the main domain, for domain.com/subdomain/folder access. 4) Because the FileManager is chrooted, the rewrite of the nginx.conf cannot happen right away. A rewrite request is sent to the task.queue before the chroot, and then the protection list files are written immediately after. Possible race condition, but unlikely that the dataskq would get the task.queue and run it before the list files are written (dataskq checks services before processing requests) In any case, it means that the rewrite may happen up to 1 minute later.. and the restart, possibly 1 minute after that... so 2 minutes for password protection to show up. Be patient, as it's not immediate like apache, as that used realtime .htaccess files. Nginx requires config rewrites and a full Nginx service reload.