Question

我从www和非www重定向到我的网站的https-non-www uri不起作用。

这是我的服务器阻止：

server {
       listen           80;
       listen           [::]:80;
       server_name      gfelot.xyz www.gfelot.xyz;
       return           301 https://gfelot.xyz$request_uri;
}

server {
       listen           443 ssl http2 default_server;
       listen           [::]:443 ssl http2 default_server;
       include          snippets/ssl-gfelot.xyz.conf;
       include          snippets/ssl-params.conf;

       server_name      gfelot.xyz;

       access_log       /var/log/nginx/gfelot.xyz.access.log;
       error_log        /var/log/nginx/gfelot.xyz.log;

       root /var/www/html;
       index index.html index.htm

       error_page       404 /404.html;
       error_page       500 502 503 504 /50x.html;

       location = /50x.html {
                root /usr/share/nginx/html;
       }

       location ~* \.css$ {
                 access_log off;
                 expires 1M;
                 add_header Pragma public;
                 add_header Cache-Control public;
                 add_header Vary Accept-Encoding;
       }
}

包括ssl-gfelot.xyz.conf：

ssl_certificate /etc/letsencrypt/live/gfelot.xyz/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/gfelot.xyz/privkey.pem;

包括ssl-params.conf：

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
# Disable preloading HSTS for now.  You can use the commented out header line that includes
# the "preload" directive if you understand the implications.
#add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;

ssl_dhparam /etc/ssl/certs/dhparam.pem;

Answer 1

server {
   listen           80;
   listen           [::]:80;
   server_name      gfelot.xyz www.gfelot.xyz;
   return           301 https://gfelot.xyz$request_uri;
}

server {
   listen           443;
   server_name      gfelot.xyz;

   ssl on;
   ssl_certificate  < your ssl file ssl-xyx.crt path>;
   ssl_certificate_key <ssl keyfile.key path>;
   access_log       /var/log/nginx/gfelot.xyz.access.log;
   error_log        /var/log/nginx/gfelot.xyz.log;

   root /var/www/html;
   index index.html index.htm

   error_page       404 /404.html;
   error_page       500 502 503 504 /50x.html;

   location = /50x.html {
            root /usr/share/nginx/html;
   }

   location ~* \.css$ {
             access_log off;
             expires 1M;
             add_header Pragma public;
             add_header Cache-Control public;
             add_header Vary Accept-Encoding;
   }
}

Nginx - 301重定向www和非www到https-non-www不工作

1 个答案: