我尝试通过添加第一个服务器块将www.example.com重定向到https://example.com。但它并没有重定向。并且必须永久重定向以避免SEO问题和用户的安全警告。
这是我完整的 NGINX 配置文件:
<code>
server {
listen 80;
listen 443;
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
root /var/www/html;
index index.php index.html index.htm;
server_name example.com;
#Password protects the test subdomain
## auth_basic "Restricted Content";
## auth_basic_user_file /etc/nginx/.htpasswd;
# Make site accessible from https://example.com/
server_name example.com;
include snippets/ssl-example.com.conf;
include snippets/ssl-params.conf;
location ~ /.well-known {
allow all;
}
location / {
try_files $uri $uri/ /index.php$is_args$query_string;
#try_files $uri $uri/ /index.php?q=$request_uri;
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
# Mitigate https://httpoxy.org/ vulnerabilities
fastcgi_param HTTP_PROXY "";
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
include fastcgi_params;
}
location ~ \.php$ {
#match actual filename with extension or file not found
#try_files $uri $uri =404;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht
{
# deny all;
#
}
}
</code>
答案 0 :(得分:0)
至少,您的服务器块缺少ssl关键字,以便在443端口和证书定义上启用https。
server {
listen 80;
listen 443 ssl;
ssl_certificate ...;
ssl_certificate_key ...;
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
如果example.com和www.example.com只有一个证书文件,则ssl_xxx指令可能出现在周围的块中,以供两个服务器块继承。有关详情,请参阅this document。
答案 1 :(得分:0)
我终于解决了它。通过将www.example.com和example.com添加到Let的加密证书,它突然起作用。
我做到了 sudo letsencrypt certonly -a webroot --webroot-path = / var / www / html -d www.example.com,example.com
因此重新启动nginx后,www重定向突然起作用了! 我还将重定向放在底部并更改了nginx文件,如下所示:
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
include snippets/ssl-www.example.com.conf;
include snippets/ssl-params.conf;
root /var/www/html;
index index.php index.html index.htm;
server_name example.com;
#Password protects the test subdomain
## auth_basic "Restricted Content";
## auth_basic_user_file /etc/nginx/.htpasswd;
location ~ /.well-known {
allow all;
}
location / {
try_files $uri $uri/ /index.php$is_args$query_string;
# include /etc/nginx/naxsi.rules
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
# Mitigate https://httpoxy.org/ vulnerabilities
fastcgi_param HTTP_PROXY "";
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
include fastcgi_params;
}
location ~ \.php$ {
#match actual filename with extension or file not found
#try_files $uri $uri =404;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
}
server {
listen [::]:80 default_server ipv6only=on;
listen 80 default_server;
server_name www.example.com;
return 301 https://example.com$request_uri;
}