这是 vhost 的配置。
我必须将所有 HTTP 请求重定向到 HTTPS,并将所有 website.it 重定向到 www.website.it
我可以优化一些东西吗?
server {
listen 80;
server_name website.it www.website.it;
if ($host = 'website.it' ) {
rewrite ^(.*)$ https://www.website.it$1 permanent;
}
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 443;
server_name website.it www.website.it;
ssl on;
ssl_certificate /etc/ssl/nginx/www.website.it/www.website.it.crt;
ssl_certificate_key /etc/ssl/nginx/www.website.it/www.website.it.key;
root /home/nginx/vhosts/website.it/web;
access_log /home/nginx/vhosts/website.it/log/access.log;
error_log /home/nginx/vhosts/website.it/log/error.log;
if ($host = 'website.it' ) {
rewrite ^(.*)$ https://www.website.it$1 permanent;
}
location / {
index index.php;
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9003;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}
谢谢你!
答案1
我认为你可以使用这个:
server {
listen 80;
server_name website.it www.website.it;
rewrite ^ https://www.website.it$request_uri? permanent;
}
我几乎就是这么做的https://self-evident.org/,但我忘了从哪里得到这个菜谱了。
[已更新...两次]
对于 SSL 部分,我将其分为两节:
server {
listen 443;
server_name website.it;
ssl on;
ssl_certificate /etc/ssl/nginx/www.website.it/www.website.it.crt;
ssl_certificate_key /etc/ssl/nginx/www.website.it/www.website.it.key;
rewrite ^ https://www.website.it$request_uri? permanent;
}
server {
listen 443;
server_name www.website.it;
[etc.]
}
我怀疑 nginx 已经针对根据 server_name 选择“服务器”节进行了优化。解释的“if”子句几乎肯定会更慢。
答案2
您可以删除此行,因为下面的是包含此情况的更一般的陈述:
# delete this:
if ($host = 'website.it' ) {
rewrite ^(.*)$ https://www.website.it$1 permanent;
}