Move 'Force SSL' definitions to host root configuration

This fixes issues with these settings not applying to custom locations
defined under hosts.

backend/templates/proxy_host.conf

@@ -11,6 +11,7 @@ server {
 {% include "_assets.conf" %}
 {% include "_exploits.conf" %}
 {% include "_hsts.conf" %}
+{% include "_forced_ssl.conf" %}
 
   access_log /data/logs/proxy_host-{{ id }}.log proxy;
 
@@ -43,7 +44,6 @@ server {
 
     {% endif %}
 
-{% include "_forced_ssl.conf" %}
 {% include "_hsts.conf" %}
 
     {% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}