这是我支持SSL的真实域名 - > https://www.wknet.se/
这是我的cookie免费域名 - > http://cdnwknet.com/
我希望我的真实网站看起来像这样 - >设置完成后,wknet.se /?style。
在我的真实网站的<head>
我有这个 - &gt; <link rel="stylesheet" href="http://cdnwknet.com/wk-templates/css/bootstrap.3.2.0.min.css" media="all">
。如您所见,我将静态css文件指向我的cookie free domain。
我的无cookie域的配置文件如下所示:
server {
listen 80;
listen [::]:80;
server_name www.cdnwknet.com;
return 301 http://cdnwknet.com$request_uri;
}
server {
listen 80;
server_name cdnwknet.com;
root /var/www/cdnwknet.com/html;
index index.php index.html index.htm;
error_page 403 /error/403.html;
error_page 404 /error/404.html;
charset utf-8;
if ( $request_uri ~ ^(/index\.php)$ ) {
return 301 http://cdnwknet.com;
}
location / {
try_files $uri $uri/ =404;
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
log_not_found off;
fastcgi_hide_header Set-Cookie;
tcp_nodelay off;
break;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location = /error/403.html {
root /var/www/cdnwknet.com/html;
allow all;
}
location = /error/404.html {
root /var/www/cdnwknet.com/html;
allow all;
}
}
在我的真实域名的DNS设置中,我添加了一个CNAME,如此图片显示---&gt; i.stack.imgur.com/y0BkE.jpg
我正在使用DigitalOcean,我的真实网站和无cookie域名在同一个Droplet(服务器)上。不含cookie的域名与我的真实域名具有相同的IP地址。
现在,我在这里缺少什么,我的无Cookie域名配置是否正确?
如果需要更改,我的真实域名配置如下:
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name wknet.se www.wknet.se;
add_header Strict-Transport-Security max-age=15768000;
return 301 https://www.wknet.se$request_uri;
}
server {
listen 443 ssl;
server_name wknet.se;
ssl_certificate /etc/nginx/ssl/SSL.crt;
ssl_certificate_key /etc/nginx/ssl/KEY.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
ssl_prefer_server_ciphers on;
return 301 https://www.wknet.se$request_uri;
}
server {
listen 443 ssl;
server_name www.wknet.se;
root /var/www/wknet.se/html;
index index.php index.html index.htm;
ssl_certificate /etc/nginx/ssl/SSL.crt;
ssl_certificate_key /etc/nginx/ssl/KEY.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
ssl_prefer_server_ciphers on;
error_page 403 /error/403.html;
error_page 404 /error/404.html;
charset utf-8;
if ( $request_uri ~ ^(/index\.php)$ ) {
return 301 https://www.wknet.se;
}
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ /\. {
deny all;
error_log off;
log_not_found off;
}
location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
log_not_found off;
expires 365d;
add_header Cache-Control "public, max-age=315360000";
}
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|png|gif|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off;
log_not_found off;
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
location ~* \.(7z|ai|class|css|csv|ejs|eps|flv|html?|jar|jpe?g|js|json|lzh|m4a|m4v|mov|mp3|pdf|pict|pls|ps|psd|swf|tiff?|txt|webp)$ {
access_log off;
log_not_found off;
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
location = /error/403.html {
root /var/www/wknet.se/html;
allow all;
}
location = /error/404.html {
root /var/www/wknet.se/html;
allow all;
}
}
答案 0 :(得分:0)
添加一个单独的子域,例如static.wknet.se
并添加:
server{
fastcgi_hide_header Set-Cookie;
}