1. 首页
  2. 问答
  3. 将NGINX http重定向到https

将NGINX http重定向到https

2017-07-30 134 views
0

我在我的域名memorisemedicine.com上使用了Nginx服务器上的LetsEncrypt。将NGINX http重定向到https

我在位于/ etc/nginx/sites-available的'memorize-frontend.conf'文件末尾添加了一个服务器块,该文件应该将非SSL流量重定向到SSL(https)。

现在,当我不使用https://访问网站时,我注意到有时我现在正确地重定向了。但特别是在Firefox中,这对我不起作用&我仍然可以访问此域上的http://页面,这是我永远不可能实现的。有人知道我的.conf文件有什么问题吗?我也尝试编辑nginx.conf文件,但它似乎并没有很好地使用服务器模块。

server { 
charset utf-8; 
client_max_body_size 128M; 

listen 80; ## listen for ipv4 
#listen [::]:80 default_server ipv6only=on; ## listen for ipv6 



server_name memorisemedicine.com www.memorisemedicine.com; 


root  /srv/memorise/frontend/web; 
index  index.php; 



# access_log /path/to/basic/log/access.log; 
# error_log /path/to/basic/log/error.log; 

location/{ 
    # Redirect everything that isn't a real file to index.php 
    try_files $uri $uri/ /index.php$is_args$args; 
} 

# uncomment to avoid processing of calls to non-existing static files by Yii 
#location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ { 
# try_files $uri =404; 
#} 
#error_page 404 /404.html; 

# deny accessing php files for the /assets directory 
location ~ ^/assets/.*\.php$ { 
    deny all; 
} 

location ~ \.php$ { 
    include fastcgi_params; 
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 
    #fastcgi_pass unix:/var/run/php5-fpm.sock; 
    fastcgi_pass unix:/run/php/php7.0-fpm.sock; 
    try_files $uri =404; 
} 

location ~* /\. { 
    deny all; 
} 

listen 443 ssl; # managed by Certbot 
ssl_certificate /etc/letsencrypt/live/memorisemedicine.com/fullchain.pem; # man$ 
ssl_certificate_key /etc/letsencrypt/live/memorisemedicine.com/privkey.pem; # m$ 
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot 

} 

server { 
return 301 https://memorisemedicine.com$request_uri; 
}

来源

2017-07-30 little tiny man

+0

您的主服务器模块正在监听端口80和443 - 您应该将“listen 80”移动到其他服务器模块。 –

+0

嘿理查德,感谢您的帮助。你是对的,我发现了一些与443一起使用的“listen”实例,并且我删除了那些服务器块,因为它们不是必需的。似乎我仍然没有被重定向到网站的SSL版本.. –

+0

回来我想我知道你的意思 - 我添加了'听80;'使整行'服务器{805;}}听听80; return 301 https://memorisemedicine.com$request_uri;并且它仍然不会重定向。我的普通http流量应该全部通过80 –

回答

0

在你的nginx的配置我不能看到它会监听端口443的SSL服务器的一部分。 我将添加我的配置,以便可以编辑它自己的需要:

server { 
    listen 80; 
    listen [::]:80; 

    return 301 https://$server_name$request_uri; 

    access_log /var/log/nginx/api.example.com-access.log timed; 
    error_log /var/log/nginx/api.example.com-error.log; 

    root /var/www/example/html/public; 

    server_name api.example.com; 

    location/{ 
     index index.html index.php; 
     try_files $uri $uri/ @php; 
    } 

    location ~ \.php$ { 
     fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; 
     fastcgi_param SCRIPT_FILENAME /var/www/example/html/public/index.php; 
     include fastcgi_params; 
    } 

    location ~ /.well-known { 
       allow all; 
     } 

} 

server { 
    listen 443 ssl; 
    listen [::]:443 ssl; 

    access_log /var/log/nginx/api.example.com-access.log timed; 
    error_log /var/log/nginx/api.example.com-error.log; 

    root /var/www/example/html/public; 

    server_name api.example.com; 

    include snippets/ssl-api.example.com.conf; 
    include snippets/ssl-params.conf; 

    location/{ 
     index index.html index.php; 
     try_files $uri $uri/ /index.php?q=$uri&$args; 
    } 

    location ~ \.php$ { 
     fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; 
     fastcgi_param SCRIPT_FILENAME /var/www/example/html/public/index.php; 
     include fastcgi_params; 
    } 

    location ~ /.well-known { 
       allow all; 
     } 

}

我有段/ SSL-api.example.com.conf;包括完整链私有certbot

来源

2017-07-31 22:44:26 Noob

相关问题

 相关问题