如何重写网址以便始终使用www和https?
// The url can have https but not www
https://example.com
// The url can have www but not https
http://www.example.com
// The url can have neither https, neither www
http://example.com
=> rewrite to https://www.example.com
我已经使用以下内容将https添加到所有请求,但http怎么办?是否有一种有效的添加方式?
server {
listen 80;
listen [::]:80;
return 301 https://$host$request_uri;
}
由于
答案 0 :(得分:2)
创建2个服务器块来处理异常,并创建1个服务器块来处理常见的事情。
server {
listen 80;
server_name www.domain.com
domain.com;
return 301 https://www.domain.com$request_uri;
}
server {
listen 443 ssl;
server_name domain.com;
return 301 https://www.domain.com$request_uri;
}
server {
listen 443 ssl;
server_name www.domain.com;
#
# The usual stuff..
#
}
答案 1 :(得分:0)
TanHongTat答案很好,但您必须考虑nginx的默认服务器行为。如果没有服务器块匹配,即使您定义了server_name,它也会占用第一个。
此外,不要忘记添加ssl证书和密钥,即使只有返回的块。
我最终做了以下事情:
# Default server for http
server {
listen 80;
listen [::]:80;
return 301 https://www.domain.com$request_uri;
}
# Default server for https
server {
listen 443;
return 301 https://www.domain.com$request_uri;
ssl on;
ssl_certificate /..../ssl_certificate.crt;
ssl_certificate_key /..../ssl_certificate.key;
# Disable SSLv3 vulnerability
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}
server {
listen 443;
server_name www.domain.com;
ssl on;
ssl_certificate /..../ssl_certificate.crt;
ssl_certificate_key /..../ssl_certificate.key;
# Disable SSLv3 vulnerability
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#
# The usual stuff..
#
}