以下配置将会把多个请求重定向301到 https://www.域名.com
[http://域名.com]
[http://www.域名.com]
[https://域名.com]
以上三个地址将重定向301到下面地址
[https://www.域名.com]
配置文件内的server如下
server {
listen 443;
server_name 域名.com;
ssl on; #打开认证
#证书配置
ssl_certificate /root/nginx/证书.pem;
ssl_certificate_key /root/nginx/证书.key;
location / {
return 301 https://www.域名.com$request_uri;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name 域名.com;
return 301 https://www.域名.com$request_uri;
}
server {
listen 443;
server_name www.域名.com;
ssl on;
ssl_certificate /root/nginx/证书.pem;
ssl_certificate_key /root/nginx/证书.key;
#静态页面访问
location / {
root /var/www/html;
index index.html index.htm;
try_files $uri $uri/ /index.html last;
}
#后端api访问-可以不要
location /api/ {
proxy_pass http://123.123.123.123:8080/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
#图片资源自定义配置-可以不要
location ~ ^/img/images/(\d+)/(.+\.(?:jpg|jpeg|png|gif))$ {
proxy_pass http://123.123.123.123:8080/img/images/$1/$2;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
#爬虫读取君子配置-可以不要
location = /sitemap.xml {
root /var/www/html;
}
}
### 多域名配置server {
listen 443;
server_name 域名.com www.域名.com;
ssl on; #打开认证
#证书配置
ssl_certificate /root/nginx/证书.pem;
ssl_certificate_key /root/nginx/证书.key;
location / {
return 301 https://www.域名.com$request_uri;
}
}
证书配置2
server {
listen 80;
server_name www.demo.com;
# 重定向所有 HTTP 请求到 HTTPS
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name www.demo.com;
ssl_certificate /root/nginx/cert/certificate.crt; # 主证书文件
ssl_certificate_key /root/nginx/cert/private.key; # 私钥文件
ssl_trusted_certificate /root/nginx/cert/ca_bundle.crt; # CA 证书链文件
ssl_protocols TLSv1.2 TLSv1.3; # 启用的TLS协议
ssl_ciphers HIGH:!aNULL:!MD5; # 安全的加密套件
ssl_prefer_server_ciphers on; # 优先使用服务器端的加密套件
ssl_session_cache shared:SSL:10m; # 启用SSL会话缓存
ssl_session_timeout 5m; # 会话超时时间
location / {
root /var/www/html;
index index.html index.htm;
try_files $uri $uri/ /index.html last;
}
location /api/ {
proxy_pass http://u.demo.com:7777/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location ~ ^/img/images/(\d+)/(.+\.(?:jpg|jpeg|png|gif))$ {
proxy_pass http://u.demo.com:7777/img/images/$1/$2;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location = /sitemap.xml {
root /var/www/html;
}
}设置反向代理
server {
listen 80; # 监听80端口
server_name yourdomain.com; # 替换为你的域名
location / {
proxy_pass http://yy.demo.com; # 将请求代理到目标服务器
proxy_set_header Host $host; # 保持请求中的Host头
proxy_set_header X-Real-IP $remote_addr; # 转发客户端真实IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # 添加X-Forwarded-For头
proxy_set_header X-Forwarded-Proto $scheme; # 添加X-Forwarded-Proto头
}
}负载均衡配置
upstream backend_servers {
server blog.demo.com weight=1; # 权重较低
server blog.demo.cn:47780 weight=3; # 权重较高
}
server {
listen 80;
server_name www.jaos.cn;
location / {
proxy_pass http://backend_servers;
# 设置常见的代理头信息
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}配置文件下载
location /load/ {
alias /root/nginx/data/;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
charset utf-8;
}