Nginx Rewrite相关功能-自动跳转https
作者:尹正杰
版权声明:原创作品,谢绝转载!否则将追究法律责任。
一.编写配置文件
1>.编辑主配置文件
[root@node101.yinzhengjie.org.cn ~]# cat /yinzhengjie/softwares/nginx/conf/nginx.conf
worker_processes 4;
worker_cpu_affinity 00000001 00000010 00000100 00001000;
events {
worker_connections 100000;
use epoll;
accept_mutex on;
multi_accept on;
}
http {
include mime.types;
default_type text/html;
server_tokens off;
charset utf-8;
log_format my_access_json '{"@timestamp":"$time_iso8601",' '"host":"$server_addr",' '"clientip":"$remote_addr",' '"size":$body_bytes_sent,' '"re
sponsetime":$request_time,' '"upstreamtime":"$upstream_response_time",' '"upstreamhost":"$upstream_addr",' '"http_host":"$host",' '"uri":"$uri",' '"domain":"$host",' '"xff":"$http_x_forwarded_for",' '"referer":"$http_referer",' '"tcp_xff":"$proxy_protocol_addr",' '"http_user_agent":"$http_user_agent",' '"status":"$status"}';
access_log logs/access_json.log my_access_json;
ssl_certificate /yinzhengjie/softwares/nginx/certs/www.yinzhengjie.org.cn.crt;
ssl_certificate_key /yinzhengjie/softwares/nginx/certs/www.yinzhengjie.org.cn.key;
ssl_session_cache shared:sslcache:20m;
ssl_session_timeout 10m;
include /yinzhengjie/softwares/nginx/conf.d/*.conf;
}
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# nginx -t
nginx: the configuration file /yinzhengjie/softwares/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /yinzhengjie/softwares/nginx/conf/nginx.conf test is successful
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]#
2>.编辑子配置文件
[root@node101.yinzhengjie.org.cn ~]# cat /yinzhengjie/softwares/nginx/conf.d/node101_yinzhengjie_org.cn.conf
server {
listen 80;
listen 443 ssl;
server_name node101.yinzhengjie.org.cn;
location / {
root /yinzhengjie/data/web/nginx/static;
index index.html;
#一定要加这个判断条件,否则会导致死循环哟
if ( $scheme = http ){
rewrite / https://node101.yinzhengjie.org.cn permanent;
}
}
location = /favicon.ico {
root /yinzhengjie/data/web/nginx/images/jd;
}
}
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# nginx -t
nginx: the configuration file /yinzhengjie/softwares/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /yinzhengjie/softwares/nginx/conf/nginx.conf test is successful
[root@node101.yinzhengjie.org.cn ~]#
二.准备测试数据并启动服务
1>.准备测试数据
[root@node101.yinzhengjie.org.cn ~]# mkdir -pv /yinzhengjie/data/web/nginx/static mkdir: created directory ‘/yinzhengjie/data/web/nginx’ mkdir: created directory ‘/yinzhengjie/data/web/nginx/static’ [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# echo "<h1>node101.yinzhengjie.org.cn</h1>" > /yinzhengjie/data/web/nginx/static/index.html [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# cat /yinzhengjie/data/web/nginx/static/index.html <h1>node101.yinzhengjie.org.cn</h1> [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# mkdir -pv /yinzhengjie/data/web/nginx/images/jd mkdir: created directory ‘/yinzhengjie/data/web/nginx/images’ mkdir: created directory ‘/yinzhengjie/data/web/nginx/images/jd’ [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# wget https://www.jd.com/favicon.ico -O /yinzhengjie/data/web/nginx/images/jd/favicon.ico --2019-12-24 14:52:37-- https://www.jd.com/favicon.ico Resolving www.jd.com (www.jd.com)... 220.194.105.131, 2408:8710:20:1140:8000::3 Connecting to www.jd.com (www.jd.com)|220.194.105.131|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 25214 (25K) [image/x-icon] Saving to: ‘/yinzhengjie/data/web/nginx/images/jd/favicon.ico’ 100%[===========================================================================================================>] 25,214 --.-K/s in 0.002s 2019-12-24 14:52:37 (13.2 MB/s) - ‘/yinzhengjie/data/web/nginx/images/jd/favicon.ico’ saved [25214/25214] [root@node101.yinzhengjie.org.cn ~]# [root@node101.yinzhengjie.org.cn ~]# ll /yinzhengjie/data/web/nginx/images/jd/favicon.ico -rw-r--r-- 1 root root 25214 Mar 25 2016 /yinzhengjie/data/web/nginx/images/jd/favicon.ico [root@node101.yinzhengjie.org.cn ~]#
2>.启动服务
[root@node101.yinzhengjie.org.cn ~]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 128 :::22 :::*
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# nginx
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 *:443 *:*
LISTEN 0 128 :::22 :::*
[root@node101.yinzhengjie.org.cn ~]#
[root@node101.yinzhengjie.org.cn ~]#
三.浏览器访问nginx
[root@node101.yinzhengjie.org.cn ~]# curl -L -k -i http://node101.yinzhengjie.org.cn HTTP/1.1 301 Moved Permanently Server: yinzhengjie2019 Date: Tue, 24 Dec 2019 06:58:44 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Location: https://node101.yinzhengjie.org.cn HTTP/1.1 200 OK Server: yinzhengjie2019 Date: Tue, 24 Dec 2019 06:58:44 GMT Content-Type: text/html; charset=utf-8 Content-Length: 36 Last-Modified: Tue, 24 Dec 2019 06:49:09 GMT Connection: keep-alive ETag: "5e01b4e5-24" Accept-Ranges: bytes <h1>node101.yinzhengjie.org.cn</h1> [root@node101.yinzhengjie.org.cn ~]#
