server {
    listen               80;
    server_name          rehook.example.com;
    return               301 https://$host$request_uri;
}

server {
    listen               443 ssl;
    server_name          rehook.example.com;
    ssl_certificate      ssl/example.com.crt;
    ssl_certificate_key  ssl/example.com.key;
    ssl_protocols        TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers          HIGH:!aNULL:!MD5;
    auth_basic           "Restricted";
    auth_basic_user_file /etc/nginx/htpasswd;
    location / {
        proxy_pass       http://127.0.0.1:9001;
    }
    location /h/ {
        auth_basic       "off";
        proxy_pass       http://127.0.0.1:9000;
    }
}