如何设置 NGINX 的 SSL 配置,以便除几个定义的路径之外的任何内容都重定向到非 SSL 位置?
我当前的配置如下所示。它是为 Django 设置的。
# Django Configuration
upstream prod {
server 127.0.0.1:8080;
}
server {
listen 80;
server_name www.mysite.org;
rewrite ^/(.*) http://mysite.org/$1 permanent;
}
server {
listen 80;
server_name mysite.org;
root /var/www/mysite.org/cache/;
access_log /var/log/nginx/mysite.org.access.log;
error_log /var/log/nginx/mysite.org.error.log;
client_max_body_size 100m;
#Static files location
location ~ ^/(media)/ {
root /var/www/mysite.org/html/;
expires 30d;
}
# Send everyone to django initially
set $django 1;
if ($is_args = "?") {
set $args_old ?$args;
}
if ($is_args = "") {
set $args_old "";
}
default_type text/html;
location / {
include /etc/nginx/proxy.conf;
if (-f $request_filename/index.html$args_old) {
set $django 0;
}
if ($request_method != GET) {
set $django 1;
}
# For authorized users
# if ($http_cookie ~* "sessionid=([^;]+)(>:;|$)") {
# set $django 1;
# }
# Give back cache
if ($django = 0) {
rewrite (.*) $1/index.html$args_old break;
}
# Send to django
if ($django) {
proxy_pass http://prod;
break;
}
}
}
server {
listen 443;
server_name mysite.org;
ssl on;
ssl_certificate /etc/ssl/certs/mysite-final.crt;
ssl_certificate_key /etc/ssl/private/mysite.key;
ssl_prefer_server_ciphers on;
# access_log /var/log/nginx/ssl.mysite.access.log;
# error_log /var/log/nginx/ssl.mysite.error.log;
client_max_body_size 100m;
#Static files location
location ~ ^/(media)/ {
root /var/www/mysite.org/html/;
expires 30d;
}
default_type text/html;
location / {
include /etc/nginx/proxy.conf;
proxy_set_header X-Forwarded-Protocol https;
proxy_pass http://prod;
}
}
答案1
您只需添加以下内容:
rewrite ^(.*) https://$server_name$1 permanent;
在您的配置中位置/部分的末尾。