server { listen 80; server_name www.domain.com; index index.php index.html index.htm default.php default.htm default.html; root /www/wwwroot/domain.com; location /wap { rewrite ^/wap(.*)$ https://m.domain.com$1 permanent; } #SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则 #error_page 404/404.html; ssl_certificate /etc/letsencrypt/live/www.domain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.domain.com/privkey.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; error_page 497 https://$host$request_uri; #SSL-END #ERROR-PAGE-START 错误页配置,可以注释、删除或修改 error_page 404 /404.html; error_page 502 /502.html; #ERROR-PAGE-END #PHP-INFO-START PHP引用配置,可以注释或修改 include enable-php-55.conf; #PHP-INFO-END #REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效 include /www/server/panel/vhost/rewrite/www.domain.com.conf; #REWRITE-END #禁止访问的文件或目录 location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md) { return 404; } #一键申请SSL证书验证目录相关设置 location ~ \.well-known{ allow all; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; error_log off; access_log off; } location ~ .*\.(js|css)?$ { expires 12h; error_log off; access_log off; } access_log /www/wwwlogs/www.domain.com.log; error_log /www/wwwlogs/www.domain.com.error.log; } server { listen 443 ssl http2; server_name m.domain.com; index index.php index.html index.htm default.php default.htm default.html; root /www/wwwroot/domain.com; #SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则 #error_page 404/404.html; ssl_certificate /etc/letsencrypt/live/www.domain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.domain.com/privkey.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; error_page 497 https://$host$request_uri; #SSL-END #ERROR-PAGE-START 错误页配置,可以注释、删除或修改 error_page 404 /404.html; error_page 502 /502.html; #ERROR-PAGE-END #PHP-INFO-START PHP引用配置,可以注释或修改 include enable-php-55.conf; #PHP-INFO-END #REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效 include /www/server/panel/vhost/rewrite/www.domain.com.conf; #REWRITE-END #禁止访问的文件或目录 location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md) { return 404; } #一键申请SSL证书验证目录相关设置 location ~ \.well-known{ allow all; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; error_log off; access_log off; } location ~ .*\.(js|css)?$ { expires 12h; error_log off; access_log off; } access_log /www/wwwlogs/www.domain.com.log; error_log /www/wwwlogs/www.domain.com.error.log; } server { listen 80; server_name domain.com; return 301 http://www.domain.com$request_uri; } server { listen 80; server_name m.domain.com; return 301 https://m.domain.com$request_uri; }
服务器环境 宝塔面板 centos7.5 + nginx1.14 + php5.6.
网站是thinkphp搭建的,解析了一个m.domain.com的子域名到wap模块,客户希望网站部署https,但是申请的是单域名证书,所以部署到了m.domain.com这个子域名上,并做了301
温馨提示! 以下是付费内容 你可以随意修改付费可见的字段或内容,这里仅测试标题:nginx部署ssl,http跳转到https配置示例 请直接修改模板中需要显示的付费字段
发表评论 取消回复