Typecho Nginx 使用https加密访问实现方式(解决其他页面404问题)

2023-09-05 15:35:47 浏览数 (4)

typecho nginx

本文假设你已经申请好了证书,并已经配置到服务器

  1. 在项目根目录下的配置文件config.inc.php中添加如下代码,让后台访问https资源,不加的话后台登录仍然访问http;
代码语言:javascript复制
   define('__TYPECHO_SECURE__',true);
  1. nginx配置文件中,在你解析443端口的server中,在localhost中添加如下代码,地址带参数跳转,不加会导致其他页面404;
代码语言:javascript复制
            try_files $uri $uri/ /index.php?$query_string;
            if (!-e $request_filename){  
                rewrite ^/(.*) /index.php last;  
            } 

例如:

代码语言:javascript复制
    location ~ .*.php(/.*)*$ {
        try_files $uri $uri/ /index.php?$query_string;
        if (!-e $request_filename){
            rewrite ^/(.*) /index.php last;
        }
       ...
    }
  1. 在项目代码中header.php中加入如下代码,默认访问https(可选);
代码语言:javascript复制
    if ($_SERVER["HTTPS"] <> "on")
    {
        $xredir = "https://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
        header("Location: ".$xredir);
    }

附上 nginx https 的配置文件

代码语言:javascript复制
server {
        listen       443 ssl http2 default_server;
        listen       [::]:443 ssl http2 default_server;
        server_name  localhost;
        root         /usr/share/nginx/html/YOURWEB;
        index index.html index.php index.htm;

        ssl_certificate "/usr/cert/YOURCERT.pem";
        ssl_certificate_key "/usr/cert/YOURCERT.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
       #ssl_ciphers HIGH:!aNULL:!MD5;
       #下面这句话可以防止某些浏览器出现 ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY 错误
        ssl_ciphers EECDH AES128:HIGH:!aNULL:!MD5; 
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        # nginx rewrite
        if (-f $request_filename/index.html){
            rewrite (.*) $1/index.html break;
        }
        if (-f $request_filename/index.php){
            rewrite (.*) $1/index.php;
        }
        if (!-e $request_filename){
            rewrite (.*) /index.php;
        }


        location / {
            index index.html index.htm index.php;
        }

       #location ~ .php$ {
        location ~ .*.php(/.*)*$ {
        # root /usr/share/nginx/html/public_html;

        try_files $uri $uri/ /index.php?$query_string;
        if (!-e $request_filename){
            rewrite ^/(.*) /index.php last;
        }

        #try_files $uri =404;
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

1 人点赞