nginx 301 重定向、http 跳转 https

2023-10-21 15:15:48 浏览数 (2)

代码语言:javascript复制
server
    {
        listen 80;
        #listen [::]:80;
        server_name xiaobanma.net *.xiaobanma.net;

        # 将所有 http 跳转到 https
        return 301 https://bbs.xiaobanma.net$request_uri;

        index index.html index.htm index.php default.html default.htm default.php;
        root  /home/wwwroot/bbs.xiaobanma.net;

        include rewrite/discuzx.conf;
        #error_page   404   /404.html;

        # Deny access to PHP files in specific directory
        #location ~ /(wp-contentuploadswp-includesimages)/.*.php$ { deny all; }

        include enable-php.conf;

        location ~ .*.(gifjpgjpegpngbmpswf)$
        {
            expires      30d;
        }

        location ~ .*.(jscss)?$
        {
            expires      12h;
        }

        location ~ /.well-known {
            allow all;
        }

        location ~ /.
        {
            deny all;
        }

        access_log  /home/wwwlogs/bbs.xiaobanma.net.log;
    }

server
    {
        listen 443 ssl http2;
        #listen [::]:443 ssl http2;
        server_name xiaobanma.net *.xiaobanma.net;

        # 如果不是 bbs.xiaobanma.net 的域名,301 重定向到 bbs.xiaobanma.net
        if ($host != 'bbs.xiaobanma.net') {
                return 301 https://bbs.xiaobanma.net$request_uri;
        }

        index index.html index.htm index.php default.html default.htm default.php;
        root  /home/wwwroot/bbs.xiaobanma.net;
        ssl on;
        ssl_certificate /usr/local/nginx/conf/ssl/xiaobanma.net/fullchain.cer;
        ssl_certificate_key /usr/local/nginx/conf/ssl/xiaobanma.net/xiaobanma.net.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_ciphers "EECDH CHACHA20:EECDH CHACHA20-draft:EECDH AES128:RSA AES128:EECDH AES256:RSA AES256:EECDH 3DES:RSA 3DES:!MD5";
        ssl_session_cache builtin:1000 shared:SSL:10m;
        # openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
        ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;

        include rewrite/discuzx.conf;
        #error_page   404   /404.html;

        # Deny access to PHP files in specific directory
        #location ~ /(wp-contentuploadswp-includesimages)/.*.php$ { deny all; }

        include enable-php.conf;

        location ~ .*.(gifjpgjpegpngbmpswf)$
        {
            expires      30d;
        }

        location ~ .*.(jscss)?$
        {
            expires      12h;
        }

        location ~ /.well-known {
            allow all;
        }

        location ~ /.
        {
            deny all;
        }

        access_log  /home/wwwlogs/bbs.xiaobanma.net.log;
    }

0 人点赞