随着https越来越普及,越来越多的网站都开启了https时代,那么如何在nginx上配置https访问呢,怎样把原来的非https链接重定向(301)到https的链接呢?怎样把不带www的域名重定向(301)到带www的链接上呢,下面配置大家可作为参考。
server { listen 80; server_name beilika.com *.beilika.com; add_header Strict-Transport-Security max-age=15768000; #将非https重定向到https return 301 https://$host$request_uri; } server { listen 443; #listen [::]:443; server_name beilika.com www.beilika.com; #开启证书 ssl on; #证书路径 ssl_certificate /usr/local/nginx/cert/beilika.com/fullchain.cer; #私钥路径 ssl_certificate_key /usr/local/nginx/cert/beilika.com/beilika.com.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; index index.html index.htm index.php default.html default.htm default.php; root /home/wwwroot/beilika.com; #将不带www的域名重定向到带www的域名(同样也可以将带www域名的重定向到不带www域名) if ( $host = 'beilika.com' ) { return 301 https://www.$host$request_uri; } include rewrite/wordpress.conf; #error_page 404 /404.html; # Deny access to PHP files in specific directory #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; } include enable-php-pathinfo.conf; location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; } location ~ .*\.(js|css)?$ { expires 12h; } location ~ /.well-known { allow all; } location ~ /\. { deny all; } access_log /home/wwwlogs/beilika.com.log; }