如何使用certbot for HTTPS将www重定向到非www&;nginx
我正在尝试将www重定向到非www,但它不起作用。我试过类似问题的各种答案,但都不起作用 我有3个域的SSL证书,分别是如何使用certbot for HTTPS将www重定向到非www&;nginx,nginx,https,ssl-certificate,nginx-config,certbot,Nginx,Https,Ssl Certificate,Nginx Config,Certbot,我正在尝试将www重定向到非www,但它不起作用。我试过类似问题的各种答案,但都不起作用 我有3个域的SSL证书,分别是example.com、www.example.com和admin.example.com 这是我当前的配置,适用于非www和admin,但www.example.com不起作用 # HTTP - redirect all requests to HTTPS server { listen 80; listen [::]:80; return 301 h
example.com
、www.example.com
和admin.example.com
这是我当前的配置,适用于非www和admin,但www.example.com不起作用
# HTTP - redirect all requests to HTTPS
server {
listen 80;
listen [::]:80;
return 301 https://$host$request_uri;
}
# Redirect to non-www
server {
server_name www.example.com;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
return 301 https://example.com$request_uri;
}
# non-www
server {
server_name example.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
# CMS
server {
server_name admin.example.com;
location / {
proxy_pass http://localhost:1337;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
我使用DigitalOcean,其中管理员和非www都指向我的液滴,而www.example.com有一个指向example.com(非www)的CNAME记录。首先,www.example.com和example.com应该位于一个服务器块中 其次,您需要将其添加到您的
#非www
服务器配置博客中
if ($host = 'www.example.com') {
return 301 https://example.com$request_uri;
}
第三,要将所有请求重定向到HTTPS,必须在#HTTP-将所有请求重定向到HTTPS
块中添加服务器名称
最后,您的NGINX配置文件如下所示
# HTTP - redirect all requests to HTTPS
server {
server_name example.com www.example.com admin.example.com;
listen 80;
listen [::]:80;
return 301 https://$host$request_uri;
}
# non-www
server {
server_name example.com www.example.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
if ($host = 'www.example.com') {
return 301 https://example.com$request_uri;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
# CMS
server {
server_name admin.example.com;
location / {
proxy_pass http://localhost:1337;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
更新NGINX配置文件后,请重新启动NGINX:
$ sudo systemctl restart nginx