Redirect nginx www应使用https下的301永久重定向
我试图通过添加第一个serverblock将www.example.com重定向到。但它不会重定向。而且它必须被永久重定向,以避免SEO问题和用户的安全警告 这是我完整的NGINX配置文件:Redirect nginx www应使用https下的301永久重定向,redirect,nginx,https,canonicalization,Redirect,Nginx,Https,Canonicalization,我试图通过添加第一个serverblock将www.example.com重定向到。但它不会重定向。而且它必须被永久重定向,以避免SEO问题和用户的安全警告 这是我完整的NGINX配置文件: <code> server { listen 80; listen 443; server_name www.example.com; return 301 $scheme://example.com$request_uri; }
<code>
server {
listen 80;
listen 443;
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
root /var/www/html;
index index.php index.html index.htm;
server_name example.com;
#Password protects the test subdomain
## auth_basic "Restricted Content";
## auth_basic_user_file /etc/nginx/.htpasswd;
# Make site accessible from https://example.com/
server_name example.com;
include snippets/ssl-example.com.conf;
include snippets/ssl-params.conf;
location ~ /.well-known {
allow all;
}
location / {
try_files $uri $uri/ /index.php$is_args$query_string;
#try_files $uri $uri/ /index.php?q=$request_uri;
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
# Mitigate https://httpoxy.org/ vulnerabilities
fastcgi_param HTTP_PROXY "";
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
include fastcgi_params;
}
location ~ \.php$ {
#match actual filename with extension or file not found
#try_files $uri $uri =404;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht
{
# deny all;
#
}
}
</code>
至少,您的服务器块缺少在443端口和证书定义上启用
https
的ssl
关键字
server {
listen 80;
listen 443 ssl;
ssl_certificate ...;
ssl_certificate_key ...;
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
如果对于
example.com
和www.example.com
,您只有一个证书文件,ssl\u xxx
指令可能会出现在周围的块中,由两个服务器块继承。更多信息请参见。我终于解决了这个问题。通过将www.example.com和example.com添加到Let's Encrypt证书中,它突然起了作用
是的
sudo-letsencrypt-certonly-a webroot--webroot路径=/var/www/html-d www.example.com,example.com
所以在重新启动nginx之后,www重定向突然起作用了!
我还将重定向放在底部,并更改了nginx文件,如下所示:
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
include snippets/ssl-www.example.com.conf;
include snippets/ssl-params.conf;
root /var/www/html;
index index.php index.html index.htm;
server_name example.com;
#Password protects the test subdomain
## auth_basic "Restricted Content";
## auth_basic_user_file /etc/nginx/.htpasswd;
location ~ /.well-known {
allow all;
}
location / {
try_files $uri $uri/ /index.php$is_args$query_string;
# include /etc/nginx/naxsi.rules
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
# Mitigate https://httpoxy.org/ vulnerabilities
fastcgi_param HTTP_PROXY "";
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
include fastcgi_params;
}
location ~ \.php$ {
#match actual filename with extension or file not found
#try_files $uri $uri =404;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
}
server {
listen [::]:80 default_server ipv6only=on;
listen 80 default_server;
server_name www.example.com;
return 301 https://example.com$request_uri;
}
Let's encrypt似乎不支持像*.example.com这样的通配符证书,所以我想我也必须为www.example.com添加一个证书,尽管我只是重定向它。那么?:server{listen 80 default_server;listen[::]:80 default_server ipv6only=on;listen 443 ssl http2 default_server;listen[::]:443 ssl http2 default_server;server_name www.example.com;include snippets/ssl-www.example.com.conf;include snippets/ssl-params.conf;返回301$scheme://example.com$request_uri;}server{listen 80 default_server;listen[::]:80 default_server ipv6only=on;listen 443 ssl http2 default_server;listen[::]:443 ssl http2 default_server;server_name example.com;