使用Nginx仅将桌面流量重定向到HTTPS

时间:2018-11-19 07:27:26

标签: nginx nginx-reverse-proxy nginx-config

我试图将仅桌面(非移动)流量重定向到HTTPS。我使用Nginx,然后对该特定域反向代理到Apache。这是我当前的配置:

server {
    server_name example.com www.example.com;

    location / {
        proxy_pass http://EXAMPLE_IP:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

使用此Nginx代码:

如何添加逻辑以执行用户代理检测并进行正确的重定向?

我确实发现了这段代码来检测非移动流量-https://gist.github.com/perusio/1326701

1 个答案:

答案 0 :(得分:0)

我解决了!这是对我有用的东西:

### Testing if the client is a mobile or a desktop.
### The selection is based on the usual UA strings for desktop browsers.

## Testing a user agent using a method that reverts the logic of the
## UA detection. Inspired by notnotmobile.appspot.com.
map $http_user_agent $is_desktop {
    default 0;
    ~*linux.*android|windows\s+(?:ce|phone) 0; # exceptions to the rule
    ~*spider|crawl|slurp|bot 1; # bots
    ~*windows|linux|os\s+x\s*[\d\._]+|solaris|bsd 1; # OSes
}

server {
    server_name example.com www.example.com;

    location / {
        proxy_pass http://EXAMPLE_IP:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
    if ($is_desktop) {
        set $redirection A;
    }

    if ($host = www.example.com) {
        set $redirection "${redirection}B";
    } # managed by Certbot


    if ($host = example.com) {
        set $redirection "${redirection}B";
    } # managed by Certbot


    if ($redirection = AB) {
        return 301 https://$host$request_uri;
    }

    server_name example.com www.example.com;

    listen 80;
    location / {
        proxy_pass http://EXAMPLE_IP:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
相关问题
最新问题