本帖最后由 cjf051 于 2017-5-31 15:48 编辑
ayue168 发表于 2017-5-31 15:42
你看下你的nginxconf 还有443.在原本的443里面写rewrite
这样网址可以跳了,但是页面无法访问,访问提示:重定向太多!
有证书的443的 server_name写的是 www.xxx.com的话你就在写一个 server{listen 443; rewrite www.xxx.com}
哎呀.好乱. 不懂帮顶/
server_namewww.domain.com domain.com;
帮顶
ayue168 发表于 2017-5-31 15:49
有证书的443的 server_name写的是 www.xxx.com的话你就在写一个 server{listen 443; rewrite www.xxx.com} ...
再写一个server就不跳了
NoBB 发表于 2017-5-31 15:53
server_namewww.domain.com domain.com;
加了,http跳,https不跳
https的要写在下面那个server 443端口里面啊。你写80端口这里肯定不会跳转。
冻猫 发表于 2017-5-31 15:57
https的要写在下面那个server 443端口里面啊。你写80端口这里肯定不会跳转。
写在那里的话能跳,但是提示重定向太多,无法访问了 本帖最后由 aboutyj 于 2017-5-31 16:05 编辑
如下:但是我想说,谁TM会闲的蛋疼https://domain.com这样去访问啊?这么有空去手输https://?习惯的都是直接在地址栏输domain.com这样吧?然后浏览器自动补齐成http://domain.com然后跳转
[*]vim /your-conf-path/your-conf.conf
[*]
[*]server {
[*] listen 80;
[*] server_name domain.com;
[*] return 301 https://www.domain.com$request_uri;
[*]}
[*]
[*]server {
[*] listen 80;
[*] server_name www.domain.com;
[*] return 301 https://www.domain.com$request_uri;
[*]}
[*]
[*]server {
[*] listen 443 ssl;
[*] server_name domain.com;
[*] ssl_certificate /your-sslca-path/domain.crt;
[*] ssl_certificate_key /your-sslca-path/domain.key;
[*] return 301 https://www.domain.com$request_uri;
[*]}
[*]
[*]server {
[*] listen 443 ssl;
[*] server_name www.domain.com;
[*] charset utf-8;
[*]
[*] ssl on;
[*] ssl_certificate /your-sslca-path/domain.crt;
[*] ssl_certificate_key /your-sslca-path/domain.key;
[*] ssl_session_timeout60m;
[*] ssl_protocolsSSLv2 SSLv3 TLSv1;
[*] ssl_ciphersALL:!ADH:!EXPOR***56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
[*] ssl_prefer_server_ciphers on;
[*] add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
[*]
[*] location / {
[*] ......
[*] }
[*]......
[*]}复制代码
我自己用的你看看,我直接lnmp生成的改的
[*]server
[*] {
[*] listen 80;
[*] server_name www.domain.com domain.com;
[*] rewrite ^(.*)$https://www.domain.com/$1 permanent;
[*] }
[*]
[*]server
[*] {
[*] #listen 80;
[*] #listen [::]:80;
[*] listen 443;
[*]
[*] ssl on;
[*] ssl_certificate /etc/letsencrypt/live/www.domain.com/fullchain.pem;
[*] ssl_certificate_key /etc/letsencrypt/live/www.domain.com/privkey.pem;
[*] ssl_trusted_certificate /etc/letsencrypt/live/www.domain.com/root_ca_cert_plus_intermediates;
[*] ssl_session_timeout5m;
[*]
[*] server_name www.domain.com domain.com;
[*] index index.html index.htm index.php default.html default.htm default.php;
[*] root/home/wwwroot/domain.com;
[*]
[*] if ($host = 'domain.com')
[*] {
[*] rewrite ^/(.*)$ https://www.domain.com/$1 permanent;
[*] }
[*]
[*] include wordpress.conf;
[*] #error_page 404 /404.html;
[*] include enable-php.conf;
[*]
[*] location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
[*] {
[*] expires 30d;
[*] }
[*]
[*] location ~ .*\.(js|css)?$
[*] {
[*] expires 12h;
[*] }
[*]
[*] location ~ /\.
[*] {
[*] deny all;
[*] }
[*]
[*] access_log/home/wwwlogs/domain.com.log;
[*] }
[*]复制代码