我的问题是我想将所有流量https和http,www和非www重定向到https://example.com,但是如果我访问https://example.com的网站,则会收到“您的连接不安全”的信息。
我遵循了这个答案NGINX: redirect non-www https to https://www,但它仅从http重定向到https,而非www重定向到www!
如何将全部重定向到https://?
server
{
listen :80;
server_name example.com www.example.com ;
access_log /var/log/nginx/domains/example.com.log;
access_log /var/log/nginx/domains/example.com.bytes bytes;
error_log /var/log/nginx/domains/example.com.error.log;
root /home/admin/domains/example.com/public_html;
index index.php index.html index.htm;
include /usr/local/directadmin/data/users/admin/nginx_php.conf;
include /etc/nginx/webapps.conf;
return 301 https://$host$request_uri;
}
server
{
listen :443 ssl http2;
server_name example.com www.example.com ;
access_log /var/log/nginx/domains/example.com.log;
access_log /var/log/nginx/domains/example.com.bytes bytes;
error_log /var/log/nginx/domains/example.com.error.log;
root /home/admin/domains/example.com/private_html;
index index.php index.html index.htm;
ssl_certificate
/usr/local/directadmin/data/users/admin/domains/example.com.cert.combined;
ssl_certificate_key
/usr/local/directadmin/data/users/admin/domains/example.com.key;
include /usr/local/directadmin/data/users/admin/nginx_php.conf;
include /etc/nginx/webapps.ssl.conf;
add_header Strict-Transport-Security "max-age=3411" always;
open_file_cache max=200000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
client_header_timeout 3m;
client_body_timeout 10;
send_timeout 2;
client_header_buffer_size 1k;
large_client_header_buffers 4 4k;
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml text/javascript application/x-
javascript application/json application/xml;
gzip_disable msie6;
output_buffers 1 32k;
postpone_output 1460;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
send_lowat 12000;
keepalive_timeout 65;
keepalive_requests 100000;
reset_timedout_connection on;
server_tokens off;
client_body_buffer_size 128k;
client_max_body_size 10m;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* \.(txt|log)$ {
allow 192.168.0.0/16;
deny all;
}
location ~ \..*/.*\.php$ {
return 403;
}
location ~ ^/sites/.*/private/ {
return 403;
}
location ~ ^/sites/[^/]+/files/.*\.php$ {
deny all;
}
location ~* ^/.well-known/ {
allow all;
}
location ~ (^|/)\. {
return 403;
}
location / {
try_files $uri /index.php?$query_string; # For Drupal >= 7
if ($allowed_country = no) {
return 443;
}
}
location @rewrite {
rewrite ^/(.*)$ /index.php?q=$1;
}
location ~ /vendor/.*\.php$ {
deny all;
return 404;
}
location ~ '\.php$|^/update.php' {
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
include fastcgi_params;
fastcgi_param HTTP_PROXY "";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param QUERY_STRING $query_string;
fastcgi_intercept_errors on;
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
location ~ ^/sites/.*/files/styles/ { # For Drupal >= 7
try_files $uri @rewrite;
}
location ~ ^(/[a-z\-]+)?/system/files/ { # For Drupal >= 7
try_files $uri /index.php?$query_string;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
try_files $uri @rewrite;
expires max;
log_not_found off;
}
}
答案 0 :(得分:0)
您进行的重定向看起来不错,但是您确定您具有example.com的有效ssl证书并且已正确安装在主机上? “您的连接不安全”消息通常与重定向无关,这是由于证书问题引起的。
答案 1 :(得分:0)
代替此:
return 301 https://$host$request_uri;
使用:
return 301 https://$server_name$request_uri;