server {
listen 80;
rewrite ^(.*)$ https://$server_name$1 permanent;
server_name example.com;
if ( "$host" != 'example.com' ){
rewrite ^/(.*)$ http://example.com/$1 permanent;
}
access_log logs/web.log main;
location / {
root web目录;
index index.php index.html ;
}
location ~ \.php$ {
root web目录;
fastcgi_pass unix:/dev/shm/php-fpm.socket;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME web目录$fastcgi_script_name;
include fastcgi_params;
}
}
server {
listen 443;
ssl on;
ssl_certificate /usr/local/data/nginx/conf/https.pem;
ssl_certificate_key /usr/local/data/nginx/conf/https.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
access_log logs/access_web.log;
location / {
root web目录;
index index.php index.html;
}
location ~ \.php$ {
root web目录;
fastcgi_pass unix:/dev/shm/php-fpm.socket;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME web目录$fastcgi_script_name;
include fastcgi_params;
}
}
注意
rewrite ^(.*)$ https://$server_name$1 permanent;
这里是强制重定向,去掉以后http和https 都能同时访问
本文转自 shouhou2581314 51CTO博客,原文链接:http://blog.51cto.com/thedream/1933409,如需转载请自行联系原作者
