问个 nginx http / https 的问题
- 0次
- 2021-05-20 22:17:57
- idczone
需求是:
1 、 http 的 www 和 @ 强制跳转到 https://example.com
2 、 https 的 www 也强制跳转到 https://example.com
现在完成了 1 ,看了半天 nginx ,也没搞明白 2 怎么实现
server {
listen 80;
server_name example.com www.example.com;
return 301 https://example.com$request_uri;
}
server
{
#listen 80;
listen 443 ssl http2;
#listen [::]:80;
ssl on;
ssl_certificate /usr/local/nginx/c大带宽服务器onf/example.crt;
ssl_certificate_key /usr/local/nginx/conf/example.key;
server_name example.com www.example.com;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/example.com;
include example.conf;
#error_page 404 /404.html;
include enable-php.conf;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /\.
{
deny all;
}
access_log off;
}
类似第一个块 再写一个~
再写个 443 的 example.com 不就行了?
server {
listen 443 ssl http2;
ssl on;
ssl_certificate /usr/local/nginx/conf/example.crt;
ssl_certificate_key /usr/local/nginx/conf/example.key;
server_name example.com ;
return 301 https://example.com$request_uri;
}
server {
listen 443;
server_name www.example.com ;
return 301 https://example.com$request_uri;
}
不行的
最近迷上 caddy 了,配置文件都不用指定就跳转
没问题的 肯定可以的
这里有个方案,顺着配置很清晰的:
https://bashy.im/blog/nginx-redirect-to-https-with-without-www-subdomain
我前几天刚好解决了这个问题,写一个带 www 的 https 配置
server
{
listen 443;
[::]:80;
ssl on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_certificate /usr/local/nginx/ssl/fullchain.cer;
ssl_certificate_key /usr/local/nginx/ssl/domain.me.key;
server_name www.domain.com;
return 301 https://domain.com$request_uri;
}
这有多麻烦。。
HTTPS Config Start />{
80;
osu.pink www.osu.pink;
301 https://www.osu.pink$request_uri;
/>/>{
443 ssl http2;
osu.pink;
/>on;
shared:SSL:10m;
TLSv1 TLSv1.1 TLSv1.2;
EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
/usr/local/nginx/conf/1.crt;
/usr/local/nginx/conf/1.key;
/>301 https://www.osu.pink$request_uri;
/>/>{
443 ssl http2;
www.osu.pink;
index.php index.htm index.html;
/var/www/html/osu;
/>on;
shared:SSL:10m;
TLSv1 TLSv1.1 TLSv1.2;
EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
/usr/local/nginx/conf/1.crt;
/usr/local/nginx/conf/1.key;
/>~ .*\.(php|php5)?$ {
unix:/var/run/phpfpm.sock;
index.php;
fastcgi.conf;
/>#}
已经搞定了,谢谢大家
谢谢大家
只需要像 walkingway 那样就行了 其他不用配置
咋解决的,说下答案啊
还是要单独填一个 443 的块,然后 server_name 是 www 的,指定 301 跳 https 的 @
我之前也是按朋友告诉那么做的,只是单独填的那个 443 忘记加证书路径了。。。
嗯,我提问题之前也是那么做的,只是忘记加证书路径了 所以不好使
完整配置
server {
listen 80;
server_name example.com www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl http2;
ssl on;
ssl_certificate /usr/local/nginx/conf/example.crt;
ssl_certificate_key /usr/local/nginx/conf/example.key;
server_name www.example.com;
return 301 https://example.com$request_uri;
}
server
{
80;
listen 443 ssl http2;
[::]:80;
ssl on;
ssl_certificate /usr/local/nginx/conf/example.crt;
ssl_certificate_key /usr/local/nginx/conf/example.key;
server_name example.com;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/example.com;
include example.conf;
404 /404.html;
include enable-php.conf;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /\.
{
deny all;
}
access_log off;
}
写两个 server
一个把 www 和 @的 80 端口 301 到 https
再写一个 https 的 server