Redirect nginx www应使用https下的301永久重定向_Redirect_Nginx_Https_Canonicalization

Redirect nginx www应使用https下的301永久重定向

redirect nginx https

Redirect nginx www应使用https下的301永久重定向,redirect,nginx,https,canonicalization,Redirect,Nginx,Https,Canonicalization,我试图通过添加第一个serverblock将www.example.com重定向到。但它不会重定向。而且它必须被永久重定向，以避免SEO问题和用户的安全警告这是我完整的NGINX配置文件： <code> server { listen 80; listen 443; server_name www.example.com; return 301 $scheme://example.com$request_uri; }

我试图通过添加第一个serverblock将www.example.com重定向到。但它不会重定向。而且它必须被永久重定向，以避免SEO问题和用户的安全警告

这是我完整的NGINX配置文件：

<code>
    server {

    listen 80;
    listen 443;
    server_name www.example.com;   
    return 301 $scheme://example.com$request_uri;
    }

    server {       
    listen 80 default_server;

    listen [::]:80 default_server ipv6only=on;       
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;

    root /var/www/html;

    index index.php index.html index.htm;
    server_name example.com;

    #Password protects the test subdomain
    ##  auth_basic "Restricted Content";
    ##  auth_basic_user_file /etc/nginx/.htpasswd;


    # Make site accessible from https://example.com/

    server_name example.com;
    include snippets/ssl-example.com.conf;        
    include snippets/ssl-params.conf;        
    location ~ /.well-known {              
    allow all;
        }       
    location / {    
    try_files $uri $uri/ /index.php$is_args$query_string;
    #try_files $uri $uri/ /index.php?q=$request_uri;                
    # First attempt to serve request as file, then               
    # as directory, then fall back to displaying a 404.             
    # try_files $uri $uri/ =404;              
    # Uncomment to enable naxsi on this location            
    # include /etc/nginx/naxsi.rules
    }  
    error_page 500 502 503 504 /50x.html;  
    location = /50x.html {

    root /usr/share/nginx/html;     
    }
    location ~ [^/]\.php(/|$) {
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    if (!-f $document_root$fastcgi_script_name) {   
    return 404;
    }
    # Mitigate https://httpoxy.org/ vulnerabilities
    fastcgi_param HTTP_PROXY "";
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    include fastcgi_params;
    }      
    location ~ \.php$ {
    #match actual filename with extension or file not found
    #try_files $uri $uri =404;
    include snippets/fastcgi-php.conf;   
    fastcgi_pass unix:/run/php/php7.0-fpm.sock;       
    }

    # deny access to .htaccess files, if Apache's document root   
    # concurs with nginx's one  
    #
    #location ~ /\.ht 
    {     
    #       deny all;
    #
    }

    }
</code>

至少，您的服务器块缺少在443端口和证书定义上启用

https

的

ssl

关键字

server {
    listen 80;
    listen 443 ssl;
    ssl_certificate     ...;
    ssl_certificate_key ...;

    server_name www.example.com;   
    return 301 $scheme://example.com$request_uri;
}

如果对于

example.com

和

www.example.com

，您只有一个证书文件，

ssl\u xxx

指令可能会出现在周围的块中，由两个服务器块继承。更多信息请参见。

我终于解决了这个问题。通过将www.example.com和example.com添加到Let's Encrypt证书中，它突然起了作用

是的 sudo-letsencrypt-certonly-a webroot--webroot路径=/var/www/html-d www.example.com，example.com

所以在重新启动nginx之后，www重定向突然起作用了！我还将重定向放在底部，并更改了nginx文件，如下所示：

server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;

include snippets/ssl-www.example.com.conf;
include snippets/ssl-params.conf;

root /var/www/html;
index index.php index.html index.htm;

server_name example.com;

#Password protects the test subdomain
##  auth_basic "Restricted Content";
##  auth_basic_user_file /etc/nginx/.htpasswd;

location ~ /.well-known {
allow all;
}
location / {
try_files $uri $uri/ /index.php$is_args$query_string;
# include /etc/nginx/naxsi.rules
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
# Mitigate https://httpoxy.org/ vulnerabilities
fastcgi_param HTTP_PROXY "";
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
include fastcgi_params;
}
location ~ \.php$ {
#match actual filename with extension or file not found
#try_files $uri $uri =404;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
}
server {
listen [::]:80 default_server ipv6only=on;
listen 80 default_server;
server_name www.example.com;
return 301 https://example.com$request_uri;
}

Let's encrypt似乎不支持像*.example.com这样的通配符证书，所以我想我也必须为www.example.com添加一个证书，尽管我只是重定向它。那么？：server{listen 80 default_server；listen[：：]：80 default_server ipv6only=on；listen 443 ssl http2 default_server；listen[：：]：443 ssl http2 default_server；server_name www.example.com；include snippets/ssl-www.example.com.conf；include snippets/ssl-params.conf；返回301$scheme://example.com$request_uri；}server{listen 80 default_server；listen[：：]：80 default_server ipv6only=on；listen 443 ssl http2 default_server；listen[：：]：443 ssl http2 default_server；server_name example.com；