我是早上看了一篇文章然后亲自实验了下到底怎么配置https,使得网站更加安全。
- https://mp.weixin.qq.com/s/FKJ9MrKdFFrpNa-x9AZ_Hw
前面的步骤你们可以借鉴下,但是后面的东西,有点坑啊,因为我实用的是阿里云的一键安装,所有配置文件修改的动静大了点
上面的证书我放在了nginx/conf下面的cert下
server {
listen 443;
server_name www.showdoc.XXXXX.com showdoc.XXXXX.com;
ssl on;
root /data/wwwroot/www.showdoc.XXXXX.com/showdoc;
index index.html index.htm index.php;
ssl_certificate cert/214793453260942.pem;
ssl_certificate_key cert/214793453260942.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
include /usr/local/nginx/conf/rewrite/wordpress.conf;
#error_page 404 /404.html;
location ~ [^/]\.php(/|$) {
#fastcgi_pass remote_php_ip:9000;
fastcgi_pass unix:/dev/shm/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
expires 30d;
access_log off;
}
location ~ .*\.(js|css)?$ {
expires 7d;
access_log off;
}
location ~ /\.ht {
deny all;
}
}
server {
listen 80;
server_name www.showdoc.XXXX.com showdoc.XXXXX.com;
access_log /data/wwwlogs/www.showdoc.XXXXX.com_nginx.log combined;
index index.html index.htm index.php;
root /data/wwwroot/www.showdoc.XXXXX.com/showdoc;
# if ($host != www.showdoc.XXXX.com) { return 301 https://www.showdoc.XXXXX.com$request_uri; }
include /usr/local/nginx/conf/rewrite/wordpress.conf;
#error_page 404 /404.html;
location ~ [^/]\.php(/|$) {
#fastcgi_pass remote_php_ip:9000;
fastcgi_pass unix:/dev/shm/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
expires 30d;
access_log off;
}
location ~ .*\.(js|css)?$ {
expires 7d;
access_log off;
}
location ~ /\.ht {
deny all;
}
return 301 https://www.showdoc.XXXXX.com$request_uri;
}
就是这样在访问的时候就可以显示https了,301重定向也管用了