我最初将 Nginx 配置设置为自动将 HTTP 重定向到 HTTPS。由于我的工作安全策略和 Cloudflare 集成,HTTPS 不会在我的网络内解析。
我只是想删除强制重定向到 HTTPS。但在注释掉 URI 重写的块后,服务器仍会自动重定向。
这是我的 Nginx 默认配置
#HTTPS redirect (if necessary)
#server {
# listen 80;
# server_name example.com;
# rewrite ^ https://$server_name$request_uri? permanent;
#}
server {
listen 80;
listen [::]:80 default_server ipv6only=on;
listen 443 ssl spdy;
root /var/www/example/current/public;
index index.php index.html index.htm;
spdy_chunk_size 8k;
spdy_headers_comp 7;
server_name example.com;
# Point to ssl certificates
ssl_certificate /root/example.com.crt;
ssl_certificate_key /root/example.com.key;
# Allow only secure TLS protocols
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#ssl_prefer_server_ciphers on;
#ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
ssl on;
# Set the buffer size to 1400 bytes (that way it fits into a single MTU$
ssl_buffer_size 1400;
# add_header Strict-Transport-Security max-age=63072000;
gzip on;
gzip_min_length 1280;
gzip_buffers 16 8k;
gzip_comp_level 4;
gzip_http_version 1.0;
gzip_types text/plain text/html text/css application/javascript appl$
gzip_vary on;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php$is_args$args;
}
# pass the PHP scripts to FastCGI server listening on /var/run/php5-fpm$
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_nam$
include fastcgi_params;
}
location ~* \.(css|js|gif|jpe?g|png|woff2?)$ {
#gzip on;
#gzip_vary on;
expires 168h;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revali$
add_header Vary "Accept-Encoding";
}
#include /etc/nginx/global/*;
}
任何帮助都将不胜感激!谢谢。
答案1
首先,删除ssl on;
其次,您有Strict-Transport-Security标头,浏览器会记住该标头两年(正如注释掉的标头所述)。将其添加回来以max-age=0消除影响。
如果你不能这样做(或想要立即生效),请从浏览器中清除 HSTS,例如本文说。