nginx添加301跳转到HTTPS并保留部分80端口的URL

最新推荐文章于 2024-08-12 08:24:58 发布

gsls200808

最新推荐文章于 2024-08-12 08:24:58 发布

阅读量7.3k

点赞数

分类专栏：随想文章标签： nginx ssl

本文链接：https://blog.csdn.net/gsls200808/article/details/53453108

版权

随想专栏收录该内容

171 篇文章 3 订阅

订阅专栏

为什么有这个需求，因为Let’s Encrypt的证书有一个URL必须在80端口认证，很多配置都是全跳到https这就有问题了

参考文章：http://www.tuicool.com/articles/NVNvUf3

主要是配两个server，80端口配置Let’s Encrypt认证的URL和跳转，443端口的配置SSL

我的配置如下

server
    {
        listen 80;

        #listen [::]:80;
        server_name blog.vvvtimes.com;
        index index.html index.htm index.php default.html default.htm default.php;
        root  /home/wwwroot/blog.vvvtimes.com;

        #error_page   404   /404.html;

        location ~ /.well-known/acme-challenge/(.*)
        {
            default_type text/plain;
        }

        location / {
            return 301 https://$server_name$request_uri;
        }

        access_log  /home/wwwlogs/blog.vvvtimes.com.log;
    }
server
    {
        listen 443 ssl;
        #listen [::]:80;
        server_name blog.vvvtimes.com;
        index index.html index.htm index.php default.html default.htm default.php;
        root  /home/wwwroot/blog.vvvtimes.com;

        ssl_certificate /etc/letsencrypt/live/www.vvvtimes.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/www.vvvtimes.com/privkey.pem;
        ssl_ciphers "EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:10m;

        include wordpress.conf;
        #error_page   404   /404.html;
        include enable-php.conf;

        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }

        location ~ .*\.(js|css)?$
        {
            expires      12h;
        }

        location ~ /\.
        {
            deny all;
        }

        access_log  /home/wwwlogs/blog.vvvtimes.com.log;
    }