我有一个开发人员试图为我的Nginx服务器创buildSSLconfiguration,但是它仍然不能正常工作。 我想强制/redirect到我的所有子域到HTTP,并且只允许没有子域的主域,使用SSL。
这是我目前的configuration:
set $ssl_rule ""; if ($scheme = http) { set $ssl_rule "1"; } if ($scheme = https) { set $ssl_rule "0"; } if ($host = "mystite.com") { set $ssl_rule "${ssl_rule}1"; } if ($host = "www.mysite.com") { set $ssl_rule "${ssl_rule}1"; } if ($host ~ (?!www).+.mysite\.com) { set $ssl_rule "${ssl_rule}0"; } if ($ssl_rule = "11") { return 301 https://$host$request_uri; } #if ($ssl_rule = "00") { # return 301 http://$host$request_uri; #} 任何人都可以看到我的configuration有什么问题吗?
你的主要问题是“如果”在一台服务器下的一堆域名,而不是在不同的服务器下定义域名。 这是你应该怎么做的。
# Main domain. Can swap to www if you like. server { server_name example.com; listen 443 ssl http2; ssl_certificate /var/lib/acme/live/etc; ssl_certificate_key /var/lib/acme/live/etc; location { // whatever } } # Forward https www to root domain server { server_name www.example.com; listen 443 ssl https; ssl_certificate /var/lib/acme/live/etc; ssl_certificate_key /var/lib/acme/live/etc; location / { return 301 https://example.com; } } # Forward www and non-www http to main https server { server_name www.example.com example.com; listen 80; location / { return 301 https://example.com; } } # First http subdomain server { server_name subdomain2.example.com; listen 80; location / { // whatever } } # second http subdomain server { server_name subdomain2.example.com; listen 80; location / { // whatever } }