{"id":439,"date":"2023-10-20T16:33:10","date_gmt":"2023-10-20T08:33:10","guid":{"rendered":"https:\/\/blog.yyspark.com\/?p=439"},"modified":"2023-10-20T16:58:12","modified_gmt":"2023-10-20T08:58:12","slug":"nginx-%e5%8f%8d%e5%90%91%e4%bb%a3%e7%90%86-http-https%e4%ba%8c%e5%90%88%e4%b8%80","status":"publish","type":"post","link":"https:\/\/airlive.online\/index.php\/2023\/10\/20\/nginx-%e5%8f%8d%e5%90%91%e4%bb%a3%e7%90%86-http-https%e4%ba%8c%e5%90%88%e4%b8%80\/","title":{"rendered":"Nginx-\u53cd\u5411\u4ee3\u7406-http-https\u4e8c\u5408\u4e00"},"content":{"rendered":"\n<pre class=\"wp-block-code\"><code>    server\n    {\n        listen 80;\n\tlisten 443 ssl http2;\n        server_name www.yyspark.com; #\u57df\u540d\n        #server_name www.yyspark.com yyspark.com; #\u57df\u540d\n        \n       <strong> #SSL-START SSL\u76f8\u5173\u914d\u7f6e<\/strong>\n        <em><strong>#########\u4e0d\u5e26www\u7684\u7f51\u5740\u8df3\u8f6c\u5230\u5e26www  <\/strong><\/em>   \n        if ( $host !~ ^www ) {\n            return $scheme:\/\/www.$host$request_uri;\n        }\n        <em><strong>#########\u4e0d\u5e26www\u7684\u7f51\u5740\u8df3\u8f6c\u5230\u5e26www <\/strong> <\/em>\n     <em>   <strong>#########HTTP_TO_HTTPS_START<\/strong><\/em>\n        if ($server_port !~ 443)\n        {\n            rewrite ^(\/.*)$ https:\/\/$host$1 permanent;\n        }\n     <em>   <strong><em><strong>#########<\/strong><\/em>HTTP_TO_HTTPS_END<\/strong><\/em>\n        ssl_certificate \/www\/ssl\/yyspark.com.pem;\n        ssl_certificate_key \/www\/ssl\/yyspark.com.key;\n        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;\n        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;\n        ssl_prefer_server_ciphers on;\n        ssl_session_cache shared:SSL:10m;\n        ssl_session_timeout 10m;\n        error_page 497 https:\/\/$host$request_uri;\n        <strong>#SSL-END SSL\u76f8\u5173\u914d\u7f6e<\/strong>\n \n        location \/\n        {\n            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n            proxy_set_header Upgrade $http_upgrade;\n            proxy_set_header Connection $http_connection;\n            proxy_pass https:\/\/yyspark.com:5001;\n        }\n\n    }<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">\u4f8b\u5b502\uff1a<\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>server\n{\n    listen 80;\n\t\tlisten 443 ssl http2;\n    server_name jp.yiyilearning.com;\n    index index.php index.html index.htm default.php default.htm default.html;\n    root \/www\/wwwroot\/jp.yiyilearning.com;\n\n    #SSL-START SSL\u76f8\u5173\u914d\u7f6e\uff0c\u8bf7\u52ff\u5220\u9664\u6216\u4fee\u6539\u4e0b\u4e00\u884c\u5e26\u6ce8\u91ca\u7684404\u89c4\u5219\n    #error_page 404\/404.html;\n    ssl_certificate    \/www\/server\/panel\/vhost\/cert\/jp.yiyilearning.com\/fullchain.pem;\n    ssl_certificate_key    \/www\/server\/panel\/vhost\/cert\/jp.yiyilearning.com\/privkey.pem;\n    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;\n    ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;\n    ssl_prefer_server_ciphers on;\n    ssl_session_cache shared:SSL:10m;\n    ssl_session_timeout 10m;\n    add_header Strict-Transport-Security \"max-age=31536000\";\n    error_page 497  https:\/\/$host$request_uri;\n\n    #SSL-END\n\n#PROXY-START\/\n\nlocation ^~ \/\n{\n    proxy_pass https:\/\/yiyilearning.com:88\/;\n    proxy_set_header Host yiyilearning.com;\n    proxy_set_header X-Real-IP $remote_addr;\n    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n    proxy_set_header REMOTE-HOST $remote_addr;\n    proxy_set_header Upgrade $http_upgrade;\n    proxy_set_header Connection $connection_upgrade;\n    proxy_http_version 1.1;\n    # proxy_hide_header Upgrade;\n\n    add_header X-Cache $upstream_cache_status;\n\n    #Set Nginx Cache\n    \n    \n    set $static_fileYLIkKxbl 0;\n    if ( $uri ~* \"\\.(gif|png|jpg|css|js|woff|woff2)$\" )\n    {\n    \tset $static_fileYLIkKxbl 1;\n    \texpires 1m;\n        }\n    if ( $static_fileYLIkKxbl = 0 )\n    {\n    add_header Cache-Control no-cache;\n    }\n}\n\n#PROXY-END\/\n\n    #ERROR-PAGE-START  \u9519\u8bef\u9875\u914d\u7f6e\uff0c\u53ef\u4ee5\u6ce8\u91ca\u3001\u5220\u9664\u6216\u4fee\u6539\n    #error_page 404 \/404.html;\n    #error_page 502 \/502.html;\n    #ERROR-PAGE-END\n\n    #PHP-INFO-START  PHP\u5f15\u7528\u914d\u7f6e\uff0c\u53ef\u4ee5\u6ce8\u91ca\u6216\u4fee\u6539\n    #\u6e05\u7406\u7f13\u5b58\u89c4\u5219\n\n    location ~ \/purge(\/.*) {\n        proxy_cache_purge cache_one $host$1$is_args$args;\n        #access_log  \/www\/wwwlogs\/jp.yiyilearning.com_purge_cache.log;\n    }\n\t#\u5f15\u7528\u53cd\u5411\u4ee3\u7406\u89c4\u5219\uff0c\u6ce8\u91ca\u540e\u914d\u7f6e\u7684\u53cd\u5411\u4ee3\u7406\u5c06\u65e0\u6548\n\tinclude \/www\/server\/panel\/vhost\/nginx\/proxy\/jp.yiyilearning.com\/*.conf;\n\n\tinclude enable-php-00.conf;\n    #PHP-INFO-END\n\n    #REWRITE-START URL\u91cd\u5199\u89c4\u5219\u5f15\u7528,\u4fee\u6539\u540e\u5c06\u5bfc\u81f4\u9762\u677f\u8bbe\u7f6e\u7684\u4f2a\u9759\u6001\u89c4\u5219\u5931\u6548\n    include \/www\/server\/panel\/vhost\/rewrite\/jp.yiyilearning.com.conf;\n    #REWRITE-END\n\n    #\u7981\u6b62\u8bbf\u95ee\u7684\u6587\u4ef6\u6216\u76ee\u5f55\n    location ~ ^\/(\\.user.ini|\\.htaccess|\\.git|\\.env|\\.svn|\\.project|LICENSE|README.md)\n    {\n        return 404;\n    }\n\n    #\u4e00\u952e\u7533\u8bf7SSL\u8bc1\u4e66\u9a8c\u8bc1\u76ee\u5f55\u76f8\u5173\u8bbe\u7f6e\n    location ~ \\.well-known{\n        allow all;\n    }\n\n    #\u7981\u6b62\u5728\u8bc1\u4e66\u9a8c\u8bc1\u76ee\u5f55\u653e\u5165\u654f\u611f\u6587\u4ef6\n    if ( $uri ~ \"^\/\\.well-known\/.*\\.(php|jsp|py|js|css|lua|ts|go|zip|tar\\.gz|rar|7z|sql|bak)$\" ) {\n        return 403;\n    }\n\n    access_log  \/www\/wwwlogs\/jp.yiyilearning.com.log;\n    error_log  \/www\/wwwlogs\/jp.yiyilearning.com.error.log;\n}<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">\u4f8b\u5b503<\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>server\n{\n    listen 80;\n\t\tlisten 443 ssl http2;\n    server_name mv.yiyilearning.com;\n    index index.php index.html index.htm default.php default.htm default.html;\n    root \/www\/wwwroot\/mv.yiyilearning.com;\n\n    #SSL-START SSL\u76f8\u5173\u914d\u7f6e\uff0c\u8bf7\u52ff\u5220\u9664\u6216\u4fee\u6539\u4e0b\u4e00\u884c\u5e26\u6ce8\u91ca\u7684404\u89c4\u5219\n    #error_page 404\/404.html;\n    #HTTP_TO_HTTPS_START\n    if ($server_port !~ 443){\n        rewrite ^(\/.*)$ https:\/\/$host$1 permanent;\n    }\n    #HTTP_TO_HTTPS_END\n    ssl_certificate    \/www\/server\/panel\/vhost\/cert\/mv.yiyilearning.com\/fullchain.pem;\n    ssl_certificate_key    \/www\/server\/panel\/vhost\/cert\/mv.yiyilearning.com\/privkey.pem;\n    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;\n    ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;\n    ssl_prefer_server_ciphers on;\n    ssl_session_cache shared:SSL:10m;\n    ssl_session_timeout 10m;\n    add_header Strict-Transport-Security \"max-age=31536000\";\n    error_page 497  https:\/\/$host$request_uri;\n\n    #SSL-END\n\n#PROXY-START\/\n\nlocation ^~ \/\n{\n    proxy_pass http:\/\/nas.yyspark.com:8096;\n    proxy_set_header Host nas.yyspark.com;\n    proxy_set_header X-Real-IP $remote_addr;\n    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n    proxy_set_header REMOTE-HOST $remote_addr;\n    proxy_set_header Upgrade $http_upgrade;\n    proxy_set_header Connection $connection_upgrade;\n    proxy_http_version 1.1;\n    # proxy_hide_header Upgrade;\n\n    add_header X-Cache $upstream_cache_status;\n\n    #Set Nginx Cache\n    \n    \n    if ( $uri ~* \"\\.(gif|png|jpg|css|js|woff|woff2)$\" )\n    {\n    \texpires 1m;\n    }\n    proxy_ignore_headers Set-Cookie Cache-Control expires;\n    proxy_cache cache_one;\n    proxy_cache_key $host$uri$is_args$args;\n    proxy_cache_valid 200 304 301 302 1m;\n}\n\n#PROXY-END\/\n\n    #ERROR-PAGE-START  \u9519\u8bef\u9875\u914d\u7f6e\uff0c\u53ef\u4ee5\u6ce8\u91ca\u3001\u5220\u9664\u6216\u4fee\u6539\n    #error_page 404 \/404.html;\n    #error_page 502 \/502.html;\n    #ERROR-PAGE-END\n\n    #PHP-INFO-START  PHP\u5f15\u7528\u914d\u7f6e\uff0c\u53ef\u4ee5\u6ce8\u91ca\u6216\u4fee\u6539\n    #\u6e05\u7406\u7f13\u5b58\u89c4\u5219\n\n    location ~ \/purge(\/.*) {\n        proxy_cache_purge cache_one $host$1$is_args$args;\n        #access_log  \/www\/wwwlogs\/mv.yiyilearning.com_purge_cache.log;\n    }\n\t#\u5f15\u7528\u53cd\u5411\u4ee3\u7406\u89c4\u5219\uff0c\u6ce8\u91ca\u540e\u914d\u7f6e\u7684\u53cd\u5411\u4ee3\u7406\u5c06\u65e0\u6548\n\tinclude \/www\/server\/panel\/vhost\/nginx\/proxy\/mv.yiyilearning.com\/*.conf;\n\n\tinclude enable-php-00.conf;\n    #PHP-INFO-END\n\n    #REWRITE-START URL\u91cd\u5199\u89c4\u5219\u5f15\u7528,\u4fee\u6539\u540e\u5c06\u5bfc\u81f4\u9762\u677f\u8bbe\u7f6e\u7684\u4f2a\u9759\u6001\u89c4\u5219\u5931\u6548\n    include \/www\/server\/panel\/vhost\/rewrite\/mv.yiyilearning.com.conf;\n    #REWRITE-END\n\n    #\u7981\u6b62\u8bbf\u95ee\u7684\u6587\u4ef6\u6216\u76ee\u5f55\n    location ~ ^\/(\\.user.ini|\\.htaccess|\\.git|\\.env|\\.svn|\\.project|LICENSE|README.md)\n    {\n        return 404;\n    }\n\n    #\u4e00\u952e\u7533\u8bf7SSL\u8bc1\u4e66\u9a8c\u8bc1\u76ee\u5f55\u76f8\u5173\u8bbe\u7f6e\n    location ~ \\.well-known{\n        allow all;\n    }\n\n    #\u7981\u6b62\u5728\u8bc1\u4e66\u9a8c\u8bc1\u76ee\u5f55\u653e\u5165\u654f\u611f\u6587\u4ef6\n    if ( $uri ~ \"^\/\\.well-known\/.*\\.(php|jsp|py|js|css|lua|ts|go|zip|tar\\.gz|rar|7z|sql|bak)$\" ) {\n        return 403;\n    }\n\n    access_log  \/www\/wwwlogs\/mv.yiyilearning.com.log;\n    error_log  \/www\/wwwlogs\/mv.yiyilearning.com.error.log;\n}<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>\u4f8b\u5b502\uff1a \u4f8b\u5b503<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-439","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/airlive.online\/index.php\/wp-json\/wp\/v2\/posts\/439","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/airlive.online\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/airlive.online\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/airlive.online\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/airlive.online\/index.php\/wp-json\/wp\/v2\/comments?post=439"}],"version-history":[{"count":6,"href":"https:\/\/airlive.online\/index.php\/wp-json\/wp\/v2\/posts\/439\/revisions"}],"predecessor-version":[{"id":446,"href":"https:\/\/airlive.online\/index.php\/wp-json\/wp\/v2\/posts\/439\/revisions\/446"}],"wp:attachment":[{"href":"https:\/\/airlive.online\/index.php\/wp-json\/wp\/v2\/media?parent=439"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/airlive.online\/index.php\/wp-json\/wp\/v2\/categories?post=439"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/airlive.online\/index.php\/wp-json\/wp\/v2\/tags?post=439"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}