之前配置的是http 和 https 都可以访问,配置如下:
后来要配置成访问http时自动跳转到https,改成如下配置:
一定要把80端口独立写出来进行rewrite到https, 如果不独立出来,访问时nginx会报错,说重定向死循环了, 因为访问80端口rewrite到443,而访问443时又rewrite到443,再又rewrite到443..... 如此便死循环了,分开写就是只对80端口进行rewrite,443不能rewrite到443
server {
listen 443 ssl;
listen 80;
server_name test.com;
#设置长连接
keepalive_timeout 70;
#减少点击劫持
add_header X-Frame-Options DENY;
#禁止服务器自动解析资源类型
add_header X-Content-Type-Options nosniff;
#防XSS攻击
add_header X-Xss-Protection 1;
location / {
proxy_pass http://127.0.0.1:8081;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d;
proxy_pass http://127.0.0.1:8081;
}
location ~ .*\.(js|css)?$ {
expires 30d;
proxy_pass http://127.0.0.1:8081;
}
}
后来要配置成访问http时自动跳转到https,改成如下配置:
server {
listen 443 ssl;
# listen 80; [b]这个要注释掉,再底下单独写个server[/b]
server_name test.com;
#设置长连接
keepalive_timeout 70;
#减少点击劫持
add_header X-Frame-Options DENY;
#禁止服务器自动解析资源类型
add_header X-Content-Type-Options nosniff;
#防XSS攻击
add_header X-Xss-Protection 1;
location / {
proxy_pass http://127.0.0.1:8081;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d;
proxy_pass http://127.0.0.1:8081;
}
location ~ .*\.(js|css)?$ {
expires 30d;
proxy_pass http://127.0.0.1:8081;
}
}
server {
listen 80;
server_name test.com;
rewrite ^(.*) https://$server_name$1 permanent;
}
一定要把80端口独立写出来进行rewrite到https, 如果不独立出来,访问时nginx会报错,说重定向死循环了, 因为访问80端口rewrite到443,而访问443时又rewrite到443,再又rewrite到443..... 如此便死循环了,分开写就是只对80端口进行rewrite,443不能rewrite到443