我在Rackspace云上使用nginx,遵循一个教程,搜索了网络,到目前为止还不能得到这个排序。
我想要www.mysite.example去mysite。例如,正常的。htaccess为SEO和其他原因。
My /etc/nginx/sites-available/www.example.com.vhost config:
server {
listen 80;
server_name www.example.com example.com;
root /var/www/www.example.com/web;
if ($http_host != "www.example.com") {
rewrite ^ http://example.com$request_uri permanent;
}
我也试过
server {
listen 80;
server_name example.com;
root /var/www/www.example.com/web;
if ($http_host != "www.example.com") {
rewrite ^ http://example.com$request_uri permanent;
}
我也试过。第二次尝试都给出重定向循环错误。
if ($host = 'www.example.com' ) {
rewrite ^ http://example.com$uri permanent;
}
我的DNS设置为标准:
site.example 192.192.6.8 A type at 300 seconds
www.site.example 192.192.6.8 A type at 300 seconds
(示例ip和文件夹已用于示例和帮助人们在未来)。我使用Ubuntu 11。
我的配置是- Nginx + tomcat 9 + Ubuntu 20.04 + spring boot app
上面所有的答案都不适合我-也不适合Nginx文件中的上游符号-所以我改变了我的设置
感谢上帝的certbot -这个util非常有用,它为您的网站生成基本文件,然后我添加了我的更改-重定向https://www.example.com, http://www.example.com到只有一个https://example.com
server {
if ($host = www.example.com) {
return 301 https://example.com$request_uri;
}
root /var/www/example.com/html;
index index.html index.htm index.nginx-debian.html;
server_name example.com www.example.com;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:8080; # This is upstream name, note the variable $scheme in it
proxy_redirect off;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://example.com$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 404; # managed by Certbot
}
实际上你甚至不需要重写。
server {
#listen 80 is default
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
server {
#listen 80 is default
server_name example.com;
## here goes the rest of your conf...
}
因为我的答案得到越来越多的支持,但上面也一样。永远不要在这种情况下使用重写。为什么?因为nginx必须处理并开始搜索。如果你使用return(应该在任何nginx版本中都可用),它会直接停止执行。这在任何上下文中都是首选。
将非SSL和SSL都重定向到它们的非www对应对象:
server {
listen 80;
listen 443 ssl;
server_name www.example.com;
ssl_certificate path/to/cert;
ssl_certificate_key path/to/key;
return 301 $scheme://example.com$request_uri;
}
server {
listen 80;
listen 443 ssl;
server_name example.com;
ssl_certificate path/to/cert;
ssl_certificate_key path/to/key;
# rest goes here...
}
如果您的服务器只在端口80(默认)上监听,并且listen选项不包含ssl关键字,$scheme变量将只包含http。不使用该变量将不会为您带来任何性能。
注意,如果使用HSTS,则需要更多的服务器块,因为HSTS头不应该通过非加密连接发送。因此,您需要带重定向的未加密服务器块和带重定向和HSTS标头的加密服务器块。
重定向所有内容到SSL(个人配置UNIX与IPv4, IPv6, SPDY,…):
#
# Redirect all www to non-www
#
server {
server_name www.example.com;
ssl_certificate ssl/example.com/crt;
ssl_certificate_key ssl/example.com/key;
listen *:80;
listen *:443 ssl spdy;
listen [::]:80 ipv6only=on;
listen [::]:443 ssl spdy ipv6only=on;
return 301 https://example.com$request_uri;
}
#
# Redirect all non-encrypted to encrypted
#
server {
server_name example.com;
listen *:80;
listen [::]:80;
return 301 https://example.com$request_uri;
}
#
# There we go!
#
server {
server_name example.com;
ssl_certificate ssl/example.com/crt;
ssl_certificate_key ssl/example.com/key;
listen *:443 ssl spdy;
listen [::]:443 ssl spdy;
# rest goes here...
}
我猜你们现在可以自己想象其他化合物的这种模式。
更多我的配置?去这里和这里。
