NGINX配置之Https配置

现在的https越来越流行,这个未来应该是必备技能了,下面举个Yii2的项目,进行https配置,https证书自己需要准备好,不会的可以看我的文章
下面就是示例配置【仅供参考】

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
server {
listen 443 ssl http2;

ssl_certificate /etc/letsencrypt/live/gowhich.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/gowhich.com/privkey.pem;

ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache builtin:1000 shared:SSL:10m;

resolver 8.8.8.8 8.8.4.4 valid=300s;

resolver_timeout 5s;

server_name www.gowhich.com gowhich.com;

access_log /home/wwwlogs/www.gowhich.com.log access;
error_log /home/wwwlogs/www.gowhich.com.error.log;

index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/www1.gowhich.com/web;

include yii.conf;

if ($host = 'gowhich.com') {
rewrite ^/(.*)$ https://www.gowhich.com/$1 permanent;
}

location ~ [^/]\.php(/|$) {
# comment try_files $uri =404; to enable pathinfo
try_files $uri =404;
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
#include pathinfo.conf;
}

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d;
}

location ~ .*\.(js|css)?$ {
expires 12h;
}
}