server {
listen *:80;
server_name *******.com; #你的域名
rewrite ^(.*) https://$server_name$1 permanent;
location / {
root /***/****/*****/; #你的项目路径
index index.html index.htm;
}
}
server {
listen 443 ssl;
server_name ******.com ; #你的域名
index index.html index.htm index.php default.html default.htm default.php;
root /***/****/*****; #你的项目路径
ssl_certificate /usr/local/nginx/conf/ssl/********.pem; #需要将cert-file-name.pem替换成已上传的证书文件的名称。
ssl_certificate_key /usr/local/nginx/conf/ssl/**********.key; #需要将cert-file-name.key替换已上传的证书私钥文件的名称。
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
include rewrite/none.conf;
include enable-php-pathinfo.conf;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
#伪静态
location / {
index index.html index.htm index.php;
#主要是这一段一定要确保存在
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php?s=/$1 last;
break;
}
#结束
#autoindex on;
}
access_log off;
}
lnmp 配置https证书,并强制http跳转到https
于 2023-08-17 09:32:34 首次发布