To limit access to a website / subfolder to certain IP addresses:

location / {
    allow 10.0.X.0/24;
    allow 10.123.123.123;
    allow 10.0.Y.0/24;
    deny  all;
#   proxy_pass http://$http_host$uri$is_args$args
}

To redirect all traffic from non secure to secure sockets layer (SSL), add the following lines to the virtual host config file in /etc/nginx/sites-available/my_vhost_config_file.

server {
    listen 80 default_server;
    server_name _;
    return 301 https://$host$request_uri;
}

Explanations:

Listen 80: This instructs the system to catch all HTTP traffic on Port 80
Server_name _; : This will match any hostname
Return 301: This tells the browser (and search engines) that this is a permanent redirect
https://$host$request_uri: This is a short code to specify the HTTPS version of whatever the user has typed