NGINX将单个HTTPS URL重写为HTTP

在我的NGINX服务器上，我将所有非SSL通信重定向到我的SSL站点

现在，我想从中排除一个URL，特别是： https://pyronexus.com/forum/pages.php 附加到pages.php的所有内容，例如pages.php？page=blahblah重定向到http://pyronexus.com/forum/pages.php等等

到目前为止，我的配置文件看起来是这样的，但我没有任何运气让我为这个url重新编写的内容起作用

server {
    server_name
        www.pyronexus.com
    ;

    listen 80 default;
    listen 443 ssl;

    ssl_certificate ssl/pyronexus.com.crt;
    ssl_certificate_key ssl/pyronexus.com.key;

    return 301 https://pyronexus.com$request_uri;
}

server {
    server_name
        pyronexus.com
    ;

    listen 80;
    listen 443 default ssl;

    ssl_certificate ssl/pyronexus.com.crt;
    ssl_certificate_key ssl/pyronexus.com.key;

    root /home/nginx/pyronexus.com/public;
    index index.html index.php;

    access_log /home/nginx/pyronexus.com/logs/access.log;
    error_log /home/nginx/pyronexus.com/logs/error.log;

    include php.conf;
    include mime.types;

    location /forum/ {
        #include pyronexus-naxsi.rules;
        rewrite ^/forum/forum-([0-9]+)\.html$ /forum/forumdisplay.php?fid=$1;
        rewrite ^/forum/forum-([0-9]+)-page-([0-9]+)\.html$ /forum/forumdisplay.php?fid=$1&page=$2;
        rewrite ^/forum/thread-([0-9]+)\.html$ /forum/showthread.php?tid=$1;
        rewrite ^/forum/thread-([0-9]+)-page-([0-9]+)\.html$ /forum/showthread.php?tid=$1&page=$2;
        rewrite ^/forum/thread-([0-9]+)-lastpost\.html$ /forum/showthread.php?tid=$1&action=lastpost;
        rewrite ^/forum/thread-([0-9]+)-nextnewest\.html$ /forum/showthread.php?tid=$1&action=nextnewest;
        rewrite ^/forum/thread-([0-9]+)-nextoldest\.html$ /forum/showthread.php?tid=$1&action=nextoldest;
        rewrite ^/forum/thread-([0-9]+)-newpost\.html$ /forum/showthread.php?tid=$1&action=newpost;
        rewrite ^/forum/thread-([0-9]+)-post-([0-9]+)\.html$ /forum/showthread.php?tid=$1&pid=$2;
        rewrite ^/forum/post-([0-9]+)\.html$ /forum/showthread.php?pid=$1;
        rewrite ^/forum/announcement-([0-9]+)\.html$ /forum/announcements.php?aid=$1;
        rewrite ^/forum/user-([0-9]+)\.html$ /forum/member.php?action=profile&uid=$1;
        rewrite ^/forum/calendar-([0-9]+)\.html$ /forum/calendar.php?calendar=$1;
        rewrite ^/forum/calendar-([0-9]+)-year-([0-9]+)\.html$ /forum/calendar.php?action=yearview&calendar=$1&year=$2;
        rewrite ^/forum/calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)\.html$ /forum/calendar.php?calendar=$1&year=$2&month=$3;
        rewrite ^/forum/calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)-day-([0-9]+)\.html$ /forum/calendar.php?action=dayview&calendar=$1&year=$2&month=$3&day=$4;
        rewrite ^/forum/calendar-([0-9]+)-week-(n?[0-9]+)\.html$ /forum/calendar.php?action=weekview&calendar=$1&week=$2;
        rewrite ^/forum/event-([0-9]+)\.html$ /forum/calendar.php?action=event&eid=$1;
        rewrite ^/forum/archive/index\.php/forum-([0-9]+)\.html$ /forum/archive/index.php?forum-$1.html;
        rewrite ^/forum/archive/index\.php/thread-([0-9]+)\.html$ /forum/archive/index.php?thread-$1.html;
    }

    location ~ /forum/(inc) {
        deny all;
    }
}

我尝试过的重写规则是这样的，但我仍在掌握这些规则的工作原理：

rewrite ^https://pyronexus.com/forum/pages\.php(.*)$ http://pyronexus.com/forum/pages.php$1;

打开您站点的配置，我的是/etc/nginx/sites enabled/pyronexus.com。 添加以下服务器指令，根据需要调整变量：

server {
    server_name
        www.your-site.com
    ;

    listen 80;
    listen 443 ssl;

    ssl_certificate ssl/your-certificate.crt;
    ssl_certificate_key ssl/your-certificate.key;

    return 301 https://your-site.com$request_uri;
}

此指令将强制任何www连接（无论是通过SSL还是非SSL）连接到非www

添加另一个指令。尽管在本指令中，您可以添加不希望启用SSL的页面的任何排除项。将它们添加到location ~/{}指令之前，我在其中包含了一个示例，它从HTTPS连接中排除：

server {
    server_name
        your-site.com
    ;

    listen 80 default;

    root /your/site/root;

    access_log /your/logs/location/access.log;
    error_log /your/logs/location/error.log;

    include global.conf;

    # This excludes forum/pages.php from being forced through HTTPS
    location ~ ^/forum/pages\.php$ {
        include php.conf;
    }

    # This will force any http:// connections through https://
    location ~ / {
        return 301 https://your-site.com$request_uri;
    }
}

添加第三个也是最后一个指令。这是处理所有SSL连接的指令。您还需要在此处添加您上面添加的任何排除项，并将用户重定向到http连接：

server {
    server_name
        your-site.com
    ;

    listen 443 default ssl;

    ssl_certificate ssl/your-site.crt;
    ssl_certificate_key ssl/your-site.key;

    root /your/site/root;

    access_log /your/logs/location/access.log;
    error_log /your/logs/location/error.log;

    include global.conf;

    # This will force forum/pages.php through http://
    location ~ ^/forum/pages\.php$ {
        return 301 http://your-site.com$request_uri;
    }

    include php.conf;
}

就这样！测试您的配置

如果您想知道my global.conf和php.conf中有什么，那么它们是：

global.conf：

# Tries to access the file directly before handing over to index.php
location / {
    try_files $uri $uri/ /index.php?$args;
}

# Exclude common static file formats from logging and cache as long as possible
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|txt)$ {
    access_log off;
    log_not_found off;
    expires max;
}

# Deny access to files that start with a dot, such as .htaccess
location ~ /\. {
    deny all;
}

# Deny access to php files in folders named uploads and files (this is to prevent people uploading php files and executing them)
location ~* /(?:uploads|files)/.*\.php$ {
    deny all;
}

php.conf：

# Pass all php files to php5-fpm
location ~ \.php$ {
    try_files $uri =404;

    include fastcgi_params;

    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_index index.php;
}

资料来源：