【发布时间】:2017-01-11 12:49:42
【问题描述】:
我从 www 和非 www 重定向到我网站的 https-non-www uri 不起作用。
这里是我的服务器块:
server {
listen 80;
listen [::]:80;
server_name gfelot.xyz www.gfelot.xyz;
return 301 https://gfelot.xyz$request_uri;
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
include snippets/ssl-gfelot.xyz.conf;
include snippets/ssl-params.conf;
server_name gfelot.xyz;
access_log /var/log/nginx/gfelot.xyz.access.log;
error_log /var/log/nginx/gfelot.xyz.log;
root /var/www/html;
index index.html index.htm
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~* \.css$ {
access_log off;
expires 1M;
add_header Pragma public;
add_header Cache-Control public;
add_header Vary Accept-Encoding;
}
}
包括 ssl-gfelot.xyz.conf :
ssl_certificate /etc/letsencrypt/live/gfelot.xyz/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/gfelot.xyz/privkey.pem;
包括 ssl-params.conf :
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
# Disable preloading HSTS for now. You can use the commented out header line that includes
# the "preload" directive if you understand the implications.
#add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
【问题讨论】:
标签: redirect nginx https http-status-code-301