lnmp服务器配置HTTPS

时间:2021-02-10 04:57:38

server {
  server_name ktsf.weiyou18.com;
  #listen 80;
  listen 443;
  ssl on;
  ssl_certificate /usr/local/nginx/conf/vhost/cert/214819247210150.pem;
  ssl_certificate_key /usr/local/nginx/conf/vhost/cert/214819247210150.key;
  ssl_session_timeout 5m;
  ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_prefer_server_ciphers on;

  index index.php index.html index.htm;
  root /home/wwwroot/ktsf/public;
  location /nginx_status {
    stub_status on;
    access_log off;
    allow 127.0.0.1;
    deny all;
  }

  location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
    expires 30d;
  }

  location ~ .*\.(js|css)?$ {
    expires 12h;
  }
  location / {
    if (!-e $request_filename) {
    rewrite ^(.*)$ /index.php?s=/$1 last;
    break;
    }
  }

  location ~ \.php$ {
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PHP_VALUE open_basedir=/home/wwwroot/ktsf:/tmp/:/proc/;
    include fastcgi_params;
  }

  access_log /home/wwwlog/ktsf/access.log access;
  error_log /home/wwwlog/ktsf/error.log error;
}

相关文章