我想在我的网站上强制使用ssl并将非www重定向到www。我阅读了很多指南并尝试了示例配置,但没有完全奏效。 使用我的配置,它给了我太多重定向错误
这是我的配置
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
server_name mydomainname.com www.mydomainname.com;
return 301 https://www.mydomainname.com$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl default_server;
include snippets/ssl-mydomainname.com.conf;
include snippets/ssl-params.conf;
server_name mydomainname.com;
return 301 https://www.mydomainname.com$request_uri;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/blog;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name _;
location ~ /.well-known {
allow all;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php7.0-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php7.0-fpm:
# fastcgi_pass unix:/run/php/php7.0-fpm.sock;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
请给我一些建议。
答案 0 :(得分:0)
您需要将443服务器块分成两部分。例如:
server {
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
include snippets/ssl-mydomainname.com.conf;
include snippets/ssl-params.conf;
return 301 https://www.mydomainname.com$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
include snippets/ssl-mydomainname.com.conf;
include snippets/ssl-params.conf;
server_name www.mydomainname.com;
...
}
因此,默认安全服务器会重定向到您的安全www服务器。有关详情,请参阅this document。这也假定证书对www和非www服务器名称都有效。