Nginx:将非 www 重定向到 www https [英] Nginx: Redirect non-www to www https

问题描述

我有下面的 nginx 配置，我正在尝试将所有内容重定向到 https://www，不管是什么示例 http://example.com、http://www.example.com 或 https://example.com.>

我查看了许多关于 SO 的主题并尝试了几件事，但仍然被难住了，我永远无法获得 https://example.com 重定向到 https://www 模式！?

服务器{听80；听 443 ssl；server_name example.com;返回 301 https://www.example.com$request_uri;}服务器 {听 443 ssl；ssl_certificate/etc/letsencrypt/live/example.com/fullchain.pem;ssl_certificate_key/etc/letsencrypt/live/example.com/privkey.pem;ssl_protocols TLSv1 TLSv1.1 TLSv1.2；ssl_prefer_server_ciphers on;ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';ssl_dhparam/etc/nginx/ssl/dhparams.pem;ssl_session_timeout 30m;ssl_session_cache 共享:SSL:10m；ssl_buffer_size 8k；add_header Strict-Transport-Security max-age=31536000;根目录/usr/share/nginx/html;# 加载默认服务器块的配置文件.包括/etc/nginx/default.d/*.conf;地点/{}error_page 404/404.html;位置 =/40x.html {}error_page 500 502 503 504/50x.html；位置 =/50x.html {}}

解决方案

让一个 server 块成为默认服务器，并给另一个 server 块一个真正的 server_name.

服务器{听 80 default_server;听 443 ssl default_server;ssl_certificate ...;ssl_certificate_key ...;返回 301 https://www.example.com$request_uri;}服务器 {听 443 ssl；server_name www.example.com;ssl_certificate ...;ssl_certificate_key ...;...}

https 的默认服务器需要有效的证书.假设您有一个通配符证书 - 大多数 ssl_ 语句可以移动到外部块中并由两个服务器块继承.例如:

ssl_certificate ...;ssl_certificate_key ...;ssl_...;服务器 {听 80 default_server;听 443 ssl default_server;返回 301 https://www.example.com$request_uri;}服务器 {听 443 ssl；server_name www.example.com;...}

有关更多信息，请参阅本文档.

I have my below nginx config, I'm trying to redirect everything to https://www regardless of what comes in for example http://example.com, http://www.example.com or https://example.com.

I've looked at numerous topics on SO and tried a couple of things but still stumped, I can't ever get https://example.com to redirect to the https://www pattern!?

server {
    listen          80;
    listen          443 ssl;
    server_name     example.com;
    return          301 https://www.example.com$request_uri;
}

server {
    listen       443 ssl;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
    ssl_dhparam /etc/nginx/ssl/dhparams.pem;
    ssl_session_timeout 30m;
    ssl_session_cache shared:SSL:10m;
    ssl_buffer_size 8k;
    add_header Strict-Transport-Security max-age=31536000;

    root         /usr/share/nginx/html;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location / {
    }

    error_page 404 /404.html;
        location = /40x.html {
    }

    error_page 500 502 503 504 /50x.html;
        location = /50x.html {
    }
}

解决方案

Make one server block a default server and give the other server block the one true server_name.

server {
    listen  80 default_server;
    listen  443 ssl default_server;

    ssl_certificate ...;
    ssl_certificate_key ...;
    return  301 https://www.example.com$request_uri;
}

server {
    listen  443 ssl;
    server_name www.example.com;

    ssl_certificate ...;
    ssl_certificate_key ...;
    ...
}

The default server for https requires a valid certificate. Assuming you have a wildcard certificate - most of the ssl_ statements could be moved into the outer block and be inherited by both server blocks. For example:

ssl_certificate ...;
ssl_certificate_key ...;
ssl_...;

server {
    listen  80 default_server;
    listen  443 ssl default_server;
    return  301 https://www.example.com$request_uri;
}

server {
    listen  443 ssl;
    server_name www.example.com;
    ...
}

See this document for more.

这篇关于Nginx:将非 www 重定向到 www https的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！