目前使用ssl运行nginx。
但是现在,我必须为特定的网址案例应用http。
我应用了以下代码,但它不起作用。
- >
http://www.example.com/shop/naverpay/naverpay_item?ITEM_ID=ba00000006
服务器{
listen 80;
server_name .example.com;
return 301 https://$server_name$request_uri;
}
服务器{
listen 443 ssl http2;
server_name .example.com;
root /home/example.com/www;
client_max_body_size 10M;
keepalive_timeout 70;
#add_header Strict-Transport-Security "max-age=31536000; includeSubdomains preload";
add_header Strict-Transport-Security "max-age=31536000";
#add_header X-Frame-Options DENY;
ssl on;
http2_max_requests 4096;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_dhparam /etc/nginx/ssl/example.com.dhparam;
#OCSP Stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
resolver 8.8.8.8 8.8.4.4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
access_log /home/example.com/log/example.com.access.log;
error_log /home/example.com/log/example.com.error.log warn;
#rewrite ^/shop/naverpay/(.*).php$ http://www.example.com/shop/naverpay/$1 permanent;
location ~ /shop/naverpay {
#rewrite ^ http://$host$request_uri paramenant;
return 301 http://$host$request_uri;
}
location / {
index index.php index.html;
}
# Block dot file (.htaccess .htpasswd .svn .git .env and so on.)
location ~ /\. {
deny all;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off;
log_not_found off;
expires max;
}
# Block .php file inside upload folder. uploads(wp), files(drupal, xe), data(gnuboard).
location ~* /(?:uploads|files|data)/.*\.php$ {
deny all;
}
# Add PHP handler
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass unix:/run/php/example.com.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ \.(jpe?g|png|gif)$ {
valid_referers none blocked example.com *.example.com;
if ($invalid_referer) {
return 403;
}
}
}
结果:不工作
我的修改位置:
location ~ /shop/naverpay {
#rewrite ^ http://$host$request_uri paramenant;
return 301 http://$host$request_uri;
}
当所有网址都重定向到https时,我想知道如何只将特定网址设为http。