[英]Apply SSL and www in main domain and not in subdomain in nginx
I am working on to apply SSL (https) and www to domain ("https:// www.xyz.com") in the browser whenever I type anything for the domain ("xyz.com"). 每当我为域(“ xyz.com”)输入任何内容时,我都在努力将SSL(https)和www应用于浏览器中的域(“ https:// www.xyz.com”)。
I have subdomains as well and I don't want to apply "www" in subdomains (this is working fine). 我也有子域名,并且我不想在子域名中应用“ www”(这很好)。
Everything is working great except if I type "https:// xyz.com" in the browser, ngingx doesn't apply www (it should be "https:// www.xyz.com") but it gives "https:// xyz.com" only. 除非我在浏览器中输入“ https:// xyz.com”,否则ngingx不适用于www(应为“ https:// www.xyz.com”),但它会显示“ https:/ / xyz.com”。
Following is the config file of sites-available: 以下是网站可用的配置文件:
server {
listen 443;
server_name xyz.com *.xyz.com;
ssl on;
ssl_certificate /etc/nginx/ssl/xyz.crt;
ssl_certificate_key /etc/nginx/ssl/*.xyz.com.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:8069;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_buffer_size 128k;
proxy_buffers 16 64k;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
location ~* /web/static/ {
proxy_buffering off;
proxy_pass http://127.0.0.1:8069;
}
}
}
server {
listen 80;
server_name xyz.com;
add_header Strict-Transport-Security max-age=2592000;
rewrite ^/.*$ https://www.$host$request_uri? permanent;
}
server {
listen 80;
server_name *.xyz.com;
add_header Strict-Transport-Security max-age=2592000;
rewrite ^/.*$ https://$host$request_uri? permanent;
}
Kindly guide me where I am doing wrong. 请指导我哪里做错了。
Thanks in advance. 提前致谢。
move add_header Strict-Transport-Security max-age=2592000;
移动
add_header Strict-Transport-Security max-age=2592000;
option to ssl server block with 443 port. 带有443端口的ssl服务器块的选项。
server {
listen 443;
add_header Strict-Transport-Security max-age=2592000;
# rest configs
}
Change http 80 block to 将http 80块更改为
server {
listen 80;
listen [::]:80;
server_name example.com;
return 301 https://www.example.com$request_uri; # permenent redirect
}
NOTE: any changes made to nginx config needs a reload
signal to nginx process to apply the changes in ubuntu it requires sudo service nginx reload
注意:对nginx配置所做的任何更改都需要向nginx进程
reload
信号以将更改应用到ubuntu中,这需要sudo service nginx reload
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.