Nginx 默认配置文件问题

tag-icon tag-icon proxy redirection nginx
Nginx 默认配置文件问题

我使用 NGINX 作为 SSL 的代理服务器,在端口 80 和 443 上使用 Apache,在端口 8082 上使用 Varnish。

使用 NGINX 的原因是将 HTTP 和 HTTPS 请求发送到 Varnish,然后 Varnish 将其发送到 Apache 服务器。

下面是我的默认 NGINX 配置文件:

#Redirect http www to https no-www
server {
server_name _;
access_log off;
 }

#Redirect http no-www to https no-www
server {
// listening to port 80
listen "actual-server-ip";
listen [::]:80;
server_name localhost;
 root /home/maindir;
index index.php;
 access_log off;
 port_in_redirect off;

 location / {
 allow 127.0.0.1;
  auth_basic "Please enter username";
  auth_basic_user_file /etc/nginx/.passfile1;
     }

  }

 server {
 // listening to port 443 for  https requests
  listen      443 ssl default_server;
  listen [::]:443 ssl default_server;
  server_name localhost;
  port_in_redirect off;
  access_log off;
 ssl_certificate /main/ssl/eth0___localhost.pem;
 ssl_certificate_key /main/ssl/eth0___localhost.key;
 ssl_trusted_certificate /main/ssl/eth0___localhost.ca;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_dhparam /root/dhparams.pem;
  ssl_prefer_server_ciphers on;
  ssl_ecdh_curve secp384r1;
  root /home/maindir;
  add_header Strict-Transport-Security "max-age=63072000; includeSubDomains;  preload";
  add_header X-Frame-Options SAMEORIGIN;
   add_header X-Content-Type-Options nosniff;
   index index.php index.html index.htm;

 location / {
        proxy_pass  http://127.0.0.1:81; // to direct requests to varnish
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-Port 443;
        proxy_set_header Host $http_host;
       proxy_set_header X-Forwarded-Host $http_host;
      proxy_set_header HTTPS "on";
     proxy_read_timeout    90;
     proxy_connect_timeout 90;
     proxy_redirect   off;
        }

    location ~ /\.ht {
     deny  all;
       }

      }

但我有以下问题:

  1. 它不会将 HTTP 请求定向到 HTTPS
  2. 它不会将非 www 定向到 www

那么,以下命令正确吗:

proxy_pass  http://127.0.0.1:81;

将请求从 NGINX 直接发送到 Varnish 还是应该127.0.0.1是实际的服务器地址?
请问您能给我提供默认 NGINX 文件的正确配置吗?

答案1

# General HTTP to HTTPS
server {
        listen 80;
        server_name default_server;
        location / {
                return 302 https://$host$request_uri;
        }
}



# NON-WWW to WWW
# place this in your 'server' block for port 443
location / { 
    if ($http_host !~ "^www.domain.com"){ 
        rewrite ^(.*)$ $scheme://www.domain.com/$1 redirect; 
    } 
}

相关内容