以本网站的域名为实例进行操作
upstream jiadian_365_main {
server 127.0.0.1:10801;
}
server {
listen 80;
server_name jiadian-365.cn www.jiadian-365.cn;
# 重定向HTTP到HTTPS
rewrite ^(.*) https://$host$1 permanent;
}
server {
listen 443 ssl;
server_name jiadian-365.cn www.jiadian-365.cn;
#SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则
ssl_certificate ssl/jiadian-365-cn-0911141924_chain.crt;
ssl_certificate_key ssl/jiadian-365-cn-0911141924_key.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000" always;
#SSL-END
location / {
proxy_pass http://jiadian_365_main;
proxy_redirect http:// $scheme://;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
#proxy_set_header Connection keep-alive;
#proxy_set_header Host $host:$server_port;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
网上很多教程没有包含标红的那两行,具体有啥作用自己百度,如果没有配置则nginx会自动跳转到http://www.jiadian-365.cn:443/ 上,对于访客来说正常访问好像没啥影响,但是对于管理员来讲编辑页面的时候就会用到iframe嵌套,从而触发浏览器安全机制阻止页面正常加载
