WordPress系列教程(六)----域名开启https连接

最新推荐文章于 2024-07-05 18:21:22 发布

码农致富

最新推荐文章于 2024-07-05 18:21:22 发布

阅读量2.7k

点赞数

分类专栏： WordPress 文章标签： WordPress Nginx

本文链接：https://blog.csdn.net/u011781521/article/details/82824116

版权

WordPress 专栏收录该内容

7 篇文章 96 订阅

订阅专栏

一、前言

现在基本上网站都会使用https进行访问，建立一个信息安全通道，来保证数据传输的安全。

二、域名配置

在域名信息页中点击免费开启SSL证书功能

开启之后，在阿里云中找到云盾

找到证书一栏

找到相应的容器进行下载

三、配置证书

首先在Nginx目录下创建cert/文件夹，比如我这里就是/usr/local/nginx/cert目录，将压缩包中的两个文件上传到该目录下，修改nginx.conf配置文件为如下所示：


user  www www;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
	
    sendfile        on;
    keepalive_timeout  65;

	#
    # HTTPS server
    #
    server {
	
        listen 443 ssl;
        server_name  localhost;
		root /xxx/xxx/xxx/xxx;
        ssl_certificate      ../cert/1538361029435.pem;
        ssl_certificate_key  ../cert/1538361029435.key;

		ssl_stapling on;
		ssl_stapling_verify on;
			
		error_page  404              /404.html;
		
		location / {
			if (-f $request_filename/index.html){
				rewrite (.*) $1/index.html break;
			}
			if (-f $request_filename/index.php){
				rewrite (.*) $1/index.php;
			}	
			if (!-f $request_filename){
				rewrite (.*) /index.php;
			}
		}

		error_page   500 502 503 504  /50x.html;
		
		location = /50x.html {
			root   html;
		}

		location ~* .(jpg|gif|png|js|css|svg)$ {
			root /xxx/xxx/xxx/xxx; 
			if (-f $request_filename) {
				expires max;
				break;
			}
		}

		location ~ \.php$ {
				fastcgi_pass   127.0.0.1:9000;
				fastcgi_index  index.php;
				include fastcgi_params;
				fastcgi_connect_timeout 300;
				fastcgi_send_timeout 300;
				fastcgi_read_timeout 300;
				fastcgi_split_path_info       ^(.+\.php)(/.+)$;
				fastcgi_param PATH_INFO       $fastcgi_path_info;
				fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
				fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
				fastcgi_buffer_size 128k;
				fastcgi_buffers 4 256k;
				fastcgi_busy_buffers_size 256k;
        }
		
	
    }
	
    server {
	
		listen 80;
		server_name localhost;
		rewrite ^   https://$host$request_uri? permanent;

    }

}

在nginx配置文件中，把原来server块中的80端口（http访问）的语句改为443端口，并引入SSL各项配置，同时启用HSTS（HTTP严格传输安全），然后重启服务：