Sunday, May 26, 2019

Nginx配置Http跳轉到Https

Nginx配置Http跳轉到Https,需要修改Nginx.conf配置文件:

server {
listen       443;
server_name  www.qiaodahai.com;

ssl                  on;
ssl_certificate      ca.pem;
ssl_certificate_key  ca.key;

ssl_session_timeout  5m;

ssl_protocols  SSLv2 SSLv3 TLSv1;
ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers   on;
error_page 497 "https://$host$uri?$args"; #這是跳轉Http請求到Https

location / {
root   html;
index  index.html index.htm;
}
}
server {
listen 80;
server_name www.qiaodahai.com;
rewrite ^/(.*) https://$server_name$1 permanent;    #跳轉到Https
}

也就是再添加一個虛擬機server,80端口一個,443端口一個。

但是有些程序只會給你往端口上轉發,不會自動修正http為https,這樣的程序還不少,例如phpmyadmin:

遇到這樣的程序我們需要修改Nginx.conf配置文件,在443的server的fastcgi字段中添加一個語句:

fastcgi_param HTTPS on; #attention!#

例如

location ~ .*.(php|php5)?$
            {
                try_files $uri =404;
                fastcgi_pass  unix:/tmp/php-cgi.sock;
                fastcgi_index index.php;
                fastcgi_param HTTPS on; #attention!#
                include fcgi.conf;
            }

這樣就可以了。

Related Post

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.