Nginx配置ssl、反向代理配置文件
配置ssl、反向代理的时候 最后整理的一份配置文件 重要项都有详细的说明
server {
listen 443;
server_name ******.com;
ssl on;
root /home/wwwroot/test_lightning; # 前台文件存放文件夹,可改成别的
access_log /home/wwwlogs/******.com.log;
error_log /home/wwwlogs/error.log.*******.dmpdsp.com.log;
index index.html index.php index.htm; # 上面配置的文件夹里面的index.html
ssl_certificate /usr/local/nginx/certs/******.com.pem; # 改成你的证书的路径名字
ssl_certificate_key /usr/local/nginx/certs/******.com.key; # 你的证书的路径名字
ssl_session_timeout 5m;
ssl_ciphers ECD8-GMD5:!ADH:!RC4;
ssl_protocols TLSv1 TSv1.2;
ssl_prefer_server_ciphers on;
include "enable-php.conf";
location = /s.do {
#access_log /home/wwwlogs/access.log.84.taobao.s.do;
#if ($request_uri ~ "^/s\.do\?id=(\w\d{8})") {
# access_log /home/wwwlogs/access.log.84.taobao.s.do.$1;
#}
try_files $uri =404;
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
location /order/rest/ {
#配置反向代理 也可以使用端口号配置的方式
proxy_pass http://******.com/order/rest/ ; #被代理的url
}
location / {
#url重写 为了去掉index.php
if (!-e $request_filename) {
rewrite ^(.*)index.php(.*)$ /index.php?s=$2 last;
rewrite ^(.*)$ /index.php?s=$1 last;
break;
}
}
}
server {
listen 80;
server_name test.dmpdsp.com; #你的域名
rewrite ^(.*)$ https://$host$1 permanent; # 这里的目的是为了把http的域名请求转成https
}