配置HTTPS
第一、云服务器账号内是否开放443端口
第二、内容服务器防火墙是否开放443
第三、查看是否有xsl、ssl扩展
第四、证书上传
第五、修改配置文件
server
{
listen 443 ssl;
server_name www.abc.com;
ssl_certificate /etc/nginx/cert/www.abc.com.crt;
ssl_certificate_key /etc/nginx/cert/www.abc.com.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
index index.php index.html index.htm default.php default.htm default.html;
root /project/test/public;
access_log /var/log/nginx/www.abc.com.access.log main;
error_log /var/log/nginx/www.abc.com.error.log warn;
#ERROR-PAGE-START 错误页配置,可以注释、删除或修改
error_page 404 /404.html;
error_page 502 /502.html;
#ERROR-PAGE-END
#REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效
location / {
try_files $uri $uri/ /index.php$is_args$query_string;
client_max_body_size 100m;
}
#REWRITE-END
#禁止访问的文件或目录
location ~ ^/(\.user.ini|\.htaccess|\.git|\.project|LICENSE|README.md)
{
return 404;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
access_log off;
}
location ~ \.php {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
set $real_script_name $fastcgi_script_name;
if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") {
set $real_script_name $1;
set $path_info $2;
}
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $real_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_connect_timeout 300;
fastcgi_read_timeout 300;
fastcgi_send_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
}
location ~ .*\.(js|css)?$
{
expires 12h;
access_log off;
}
}
