Nginx: Redirect non-www to www https

2019-01-06 21:36发布

站内问答 / 移动开发
802 1 4

I have my below nginx config, I'm trying to redirect everything to https://www regardless of what comes in for example http://example.com, http://www.example.com or https://example.com.

I've looked at numerous topics on SO and tried a couple of things but still stumped, I can't ever get https://example.com to redirect to the https://www pattern!?

server {
    listen          80;
    listen          443 ssl;
    server_name     example.com;
    return          301 https://www.example.com$request_uri;
}

server {
    listen       443 ssl;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
    ssl_dhparam /etc/nginx/ssl/dhparams.pem;
    ssl_session_timeout 30m;
    ssl_session_cache shared:SSL:10m;
    ssl_buffer_size 8k;
    add_header Strict-Transport-Security max-age=31536000;

    root         /usr/share/nginx/html;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location / {
    }

    error_page 404 /404.html;
        location = /40x.html {
    }

    error_page 500 502 503 504 /50x.html;
        location = /50x.html {
    }
}

标签: nginx
举报
1条回答
倾城 Initia
2楼-- · 2019-01-06 21:49

Make one server block a default server and give the other server block the one true server_name.

server {
    listen  80 default_server;
    listen  443 ssl default_server;

    ssl_certificate ...;
    ssl_certificate_key ...;
    return  301 https://www.example.com$request_uri;
}

server {
    listen  443 ssl;
    server_name www.example.com;

    ssl_certificate ...;
    ssl_certificate_key ...;
    ...
}

The default server for https requires a valid certificate. Assuming you have a wildcard certificate - most of the ssl_ statements could be moved into the outer block and be inherited by both server blocks. For example:

ssl_certificate ...;
ssl_certificate_key ...;
ssl_...;

server {
    listen  80 default_server;
    listen  443 ssl default_server;
    return  301 https://www.example.com$request_uri;
}

server {
    listen  443 ssl;
    server_name www.example.com;
    ...
}

See this document for more.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)