[Sn1F3rt]

I would always prefer and always recommend to use the redirection method that the web server provides. May it be .htaccess, other similar configuration files or direct entries in the vHost (like nginx does it). This way you get redirected to the HTTPS version of the site BEFORE you load any content on the site. This leaves no time or space to possibly load something via an unsecured connection (if all resources on the site are loaded over and support HTTPS).

Using a solution within the software you host can possibly be insecure by having security flaws in that software that can exploit the redirection feature to load malicious code on the client side browser.

My two cents. I'm using Nginx now for over 5 years and love it.

I agree with your view on security issues. In fact that's the sole reason why I stopped using plugins once one of my teammates was the victim of a pharming attack.

He had a beautiful WordPress blog with over 1K views a day, which was the victim of the attack. In fact that got him banned by his hosting service and he's lost a huge lot of vital information, which he didn't backup.

One thing more I've also been involved with nginx for over a year now but Apache is an all time favorite.