Nginx 服务器配置文件 nginx.conf 记录
nginx.conf
代码语言:javascript复制 访问 www 返回 @ 域
# Nginx no-www to www and www to no-www
return 301 $scheme://domain.com$request_uri;
重写url地址(隐藏文件扩展名)
# This 'rewrite' down below working on: / to non-/
rewrite ^/(.*)/$ /$1 permanent;
# ../pages/2bfriends/ 200-OK ../pages/2bfriends
# The "Holy Grail" Solution for Removing ".html" in NGINX:
# Code in StackOverflow : https://stackoverflow.com/a/38238001/7685506
if ($request_uri ~ ^/(.*).html$) {
return 302 /$1;
}
# What does "try_files" do?
try_files $uri $uri.html $uri/ =404;
通过目录形式访问文件
if ($request_uri ~ ^/(.*).html$) {
return 302 /$1;
}
#通过目录形式访问文件 $uri.xml
try_files $uri $uri.html $uri.xml $uri/ =404;
if ($request_uri ~ ^/(.*).xml$) {
return 302 /$1;
}
.httpaswd 401自定义
location ~ ^/path/.*.pvt|.prv$ {
auth_basic "Restricted .pvt.prv files";
auth_basic_user_file /etc/nginx/.htpasswd;
}
# set customize 401 / Unauthorized-page
error_page 401 /401.html;location = /401.html {
auth_basic off;
}
location ~ /. { deny all; }
.httpaswd 404 - root 外部访问
# securing access to a folder - 404 error
root /root/cV585m;
# see: https://www.ruby-forum.com/topic/4411851
location / {
index index.php index.html index.htm;
}
Let's Encrypt SSL 配置 acme.sh
listen 443;
server_name domain.com *.domain.com www.domain.com;
ssl on
ssl_certificate /root/.acme.sh/domain.com/fullchain.cer;
ssl_certificate_key /root/.acme.sh/domain.com/domain.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
CORS跨域访问
#告诉浏览器允许跨域访问的方法
add_header Access-Control-Allow-Methods *;
# 告诉浏览器缓存OPTIONS预检请求1小时
add_header Access-Control-Max-Age 3600;
#允许带有cookie访问
add_header Access-Control-Allow-Credentials true;
#注意 * 不能满足带有cookie的访问,Origin 必须是全匹配,这里通过变量获取
add_header Access-Control-Allow-Origin $http_origin;
#设置支持所有的自定义请求头
add_header Access-Control-Allow-Headers $http_access_control_request_headers;还有些其他日常配置就不提及了。
