过去两天我一直在摸索这个问题,我似乎无法得到这个工作。 我正尝试通过nginx为我的网站redirect所有非万维网http和非万维网https连接到www-https。 这是conf。 我正在使用的文件
# Centmin Mod Getting Started Guide # must read http://centminmod.com/getstarted.html # redirect from non-www to www # uncomment, save file and restart Nginx to enable # if unsure use return 302 before using return 301 server { #listen 80; server_name example.com; return 301 $scheme://www.example.com$request_uri; } server { #listen 80; listen 443 ssl; ssl on; ssl_dhparam /usr/local/nginx/conf/ssl/example.com/dhparam.pem; ssl_certificate /usr/local/nginx/conf/ssl/example.com/example.com_combined.crt; ssl_certificate_key /usr/local/nginx/conf/ssl/example.com/example.com.key; include /usr/local/nginx/conf/ssl_include.conf; server_name www.example.com; # mozilla recommended ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA:!DES-CBC3-SHA; ssl_prefer_server_ciphers on; add_header Alternate-Protocol 443:npn-spdy/3; add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;"; #add_header X-Content-Type-Options "nosniff"; #add_header X-Frame-Options DENY; #spdy_headers_comp 5; ssl_buffer_size 1400; ssl_session_tickets on; # enable ocsp stapling resolver 8.8.8.8 8.8.4.4 valid=10m; resolver_timeout 10s; ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /usr/local/nginx/conf/ssl/example.com/beegeekn.net_combined.crt; # ngx_pagespeed & ngx_pagespeed handler include /usr/local/nginx/conf/pagespeed.conf; include /usr/local/nginx/conf/pagespeedhandler.conf; include /usr/local/nginx/conf/pagespeedstatslog.conf; # limit_conn limit_per_ip 16; # ssi on; access_log /home/nginx/domains/example.com/log/access.log combined buffer=256k flush=60m; error_log /home/nginx/domains/example.com/log/error.log; root /home/nginx/domains/example.com/public; # prevent access to ./directories and files location ~ (?:^|/)\. { deny all; } location / { # block common exploits, sql injections etc #include /usr/local/nginx/conf/block.conf; # Enables directory listings when index file not found #autoindex on; # Shows file listing times as local time #autoindex_localtime on; # Enable for vBulletin usage WITHOUT vbSEO installed # More example Nginx vhost configurations at # http://centminmod.com/nginx_configure.html try_files $uri $uri/ @handler; index index.html index.php; expires 30d; } location @handler { rewrite / /index.php; } location ~ .php/ { rewrite ^(.*.php)/ $1 last; } location ~ .php$ { #if(!-e $request_filename) { # rewrite / /index.php last; #} expires off; fastcgi_pass 127.0.0.1:9000; fastcgi_param HTTPS $fastcgi_https; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param MAGE_RUN_CODE default; fastcgi_param MAGE_RUN_TYPE store; include fastcgi_params; location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ { expires 1d; log_not_found off; } } # include /usr/local/nginx/conf/staticfiles.conf; # include /usr/local/nginx/conf/php.conf; # include /usr/local/nginx/conf/drop.conf; #include /usr/local/nginx/conf/errorpage.conf; # include /usr/local/nginx/conf/vts_server.conf; } 我是一个完整的noob,当涉及到这些configuration文件,我试图从谷歌的各种设置,但还没有得出一个坚实的结论。 谢谢
编辑
终于find了一个工作
server { server_name exmaple.com; ssl_certificate /usr/local/nginx/conf/ssl/example.com/example.com_combined.crt; ssl_certificate_key /usr/local/nginx/conf/ssl/example.com/example.com.key; listen *:80; listen *:443 ssl; #listen [::]:80 ipv6only=on; #listen [::]:443 ssl ipv6only=on; return 301 https://www.example.com$request_uri; } # # Redirect all non-encrypted to encrypted # server { server_name www.example.com; listen *:80; #listen [::]:80; return 301 https://www.example.com$request_uri; } # # There we go! # server { server_name www.example.com; ssl_dhparam /usr/local/nginx/conf/ssl/example.com/dhparam.pem; ssl_certificate /usr/local/nginx/conf/ssl/example.com/example.com_combined.crt; ssl_certificate_key /usr/local/nginx/conf/ssl/example.com/example.com.key; listen *:443 ssl; #listen [::]:443 ssl;
你应该像这个问题一样创build不同的服务器块:
https://stackoverflow.com/questions/7947030/nginx-no-www-to-www-and-www-to-no-www
没有www到https:// www
server { listen 80; listen 443 ssl; server_name example.com; return 301 https://www.example.com$request_uri; } server { listen 443 ssl; server_name www.example.com; ## here goes the rest of your conf... }