# The default server
# conf_file in /etc/nginx/conf.d/
server {
listen 80;
# listen [::]:80 default_server;
server_name yourdomain.com;
root /usr/share/html/www;
rewrite ^(.*)$ https://$host$1 permanent; # http to https
return 301 $scheme://yourdomain.com$request_uri; # www to nonwww
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / { # WP URL 结构伪静态
#root /usr/share/html/www;
index index.html index.htm index.php;
if (-f $request_filename/index.html){
rewrite (.*) $1/index.html break;
}
if (-f $request_filename/index.php){
rewrite (.*) $1/index.php;
}
if (!-f $request_filename){
rewrite (.*) /index.php;
}
}
# rewrite /wp-admin$ $scheme://$host$uri/ permanent; # wp_admin
# error_page 404 https://yourdomain.com/if404; # 自定义 404 页面
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME /root/yourpath$fastcgi_script_name;
include fastcgi_params;
}
# https 443 监听
listen 443 ssl;
ssl_certificate /cert/yourdomain.com.pem;
ssl_certificate_key /cert/yourdomain.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
# 启用 OCSP Stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /path/to/your/chain.crt;
resolver 8.8.8.8 8.8.4.4 1.1.1.1 223.5.5.5 valid=30s ipv6=off;
resolver_timeout 10s;
}
友情提示:本站所有文章,如无特殊说明或标注,均为何星星原创发布。与此同时,趋于近年来本站的文章内容频繁被他站盗用与机器采集,现已全局禁用网站文字内容操作,了解详情或转载文章请 点此 继续!
0 条评论