过去两天我一直在为这个问题绞尽脑汁,但似乎无法解决这个问题。我正尝试通过 nginx 将所有非 www http 和非 www https 连接重定向到 www-https 来访问我的网站。这是我使用的 conf. 文件
# Centmin Mod Getting Started Guide
# must read http://centminmod.com/getstarted.html
# redirect from non-www to www
# uncomment, save file and restart Nginx to enable
# if unsure use return 302 before using return 301
server {
#listen 80;
server_name example.com;
return 301 $scheme://www.example.com$request_uri;
}
server {
#listen 80;
listen 443 ssl;
ssl on;
ssl_dhparam /usr/local/nginx/conf/ssl/example.com/dhparam.pem;
ssl_certificate /usr/local/nginx/conf/ssl/example.com/example.com_combined.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/example.com/example.com.key;
include /usr/local/nginx/conf/ssl_include.conf;
server_name www.example.com;
# mozilla recommended
ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA:!DES-CBC3-SHA;
ssl_prefer_server_ciphers on;
add_header Alternate-Protocol 443:npn-spdy/3;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
#add_header X-Content-Type-Options "nosniff";
#add_header X-Frame-Options DENY;
#spdy_headers_comp 5;
ssl_buffer_size 1400;
ssl_session_tickets on;
# enable ocsp stapling
resolver 8.8.8.8 8.8.4.4 valid=10m;
resolver_timeout 10s;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /usr/local/nginx/conf/ssl/example.com/beegeekn.net_combined.crt;
# ngx_pagespeed & ngx_pagespeed handler
include /usr/local/nginx/conf/pagespeed.conf;
include /usr/local/nginx/conf/pagespeedhandler.conf;
include /usr/local/nginx/conf/pagespeedstatslog.conf;
# limit_conn limit_per_ip 16;
# ssi on;
access_log /home/nginx/domains/example.com/log/access.log combined buffer=256k flush=60m;
error_log /home/nginx/domains/example.com/log/error.log;
root /home/nginx/domains/example.com/public;
# prevent access to ./directories and files
location ~ (?:^|/)\. {
deny all;
}
location / {
# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;
# Enables directory listings when index file not found
#autoindex on;
# Shows file listing times as local time
#autoindex_localtime on;
# Enable for vBulletin usage WITHOUT vbSEO installed
# More example Nginx vhost configurations at
# http://centminmod.com/nginx_configure.html
try_files $uri $uri/ @handler;
index index.html index.php;
expires 30d;
}
location @handler {
rewrite / /index.php;
}
location ~ .php/ {
rewrite ^(.*.php)/ $1 last;
}
location ~ .php$ {
#if(!-e $request_filename) {
# rewrite / /index.php last;
#}
expires off;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param HTTPS $fastcgi_https;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param MAGE_RUN_CODE default;
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params;
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 1d;
log_not_found off;
}
}
# include /usr/local/nginx/conf/staticfiles.conf;
# include /usr/local/nginx/conf/php.conf;
# include /usr/local/nginx/conf/drop.conf;
#include /usr/local/nginx/conf/errorpage.conf;
# include /usr/local/nginx/conf/vts_server.conf;
}
我对配置文件完全一窍不通,我尝试了谷歌的各种设置,但还没有得出可靠的结论。谢谢
编辑
终于找到了解决办法
server {
server_name exmaple.com;
ssl_certificate /usr/local/nginx/conf/ssl/example.com/example.com_combined.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/example.com/example.com.key;
listen *:80;
listen *:443 ssl;
#listen [::]:80 ipv6only=on;
#listen [::]:443 ssl ipv6only=on;
return 301 https://www.example.com$request_uri;
}
#
# Redirect all non-encrypted to encrypted
#
server {
server_name www.example.com;
listen *:80;
#listen [::]:80;
return 301 https://www.example.com$request_uri;
}
#
# There we go!
#
server {
server_name www.example.com;
ssl_dhparam /usr/local/nginx/conf/ssl/example.com/dhparam.pem;
ssl_certificate /usr/local/nginx/conf/ssl/example.com/example.com_combined.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/example.com/example.com.key;
listen *:443 ssl;
#listen [::]:443 ssl;
答案1
您应该创建不同的服务器块,类似于这个问题:
https://stackoverflow.com/questions/7947030/nginx-no-www-to-www-and-www-to-no-www
无 wwwhttps://www
server {
listen 80;
listen 443 ssl;
server_name example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
server_name www.example.com;
## here goes the rest of your conf...
}