In our production configuration, we did not configure the configuration of 80 mandatory jump 443
configuration as follows
server {
listen 80 default_server;
listen 443 ssl;
server_name domain;
server_name_in_redirect off;
ssl_certificate /etc/nginx/ssl/full_chain_rsa.crt;
ssl_certificate_key /etc/nginx/ssl/证书.key;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}
There is also a forced jump to do
server {
listen 80;
server_name www.domain.com;
rewrite ^(.*)$ https://${server_name}$1 permanent;
}
server {
listen 443;
server_name www.domain.com;
root /home/wwwroot;
ssl on;
ssl_certificate /etc/nginx/certs/server.crt;
ssl_certificate_key /etc/nginx/certs/server.key;
....
}
Read More:
- [Nginx] solution: it can’t be accessed on the background API interface after HTTPS (access the specified port through the domain name)
- [Solved] nginx: [error] open() “/usr/local/nginx/nginx.pid” failed (2: No such file or directory)
- [Solved] Nginx Restart Error: /run/nginx.pid failed (2: No such file or directory)
- Common configuration methods of nginx
- Nginx Startup Error: “/var/run/nginx/nginx.pid” failed” [How to Solve]
- Nginx Error: Swap file “/etc/nginx/.nginx.conf.swp“ already exists
- Fastplanner compilation error: Could not find a package configuration file provided by “cmake_modules”
- Nginx Error: nginx: [emerg] the “ssl“ parameter requires ngx_http_ssl_module in /project/api/nginx.conf:
- Nginx error: nginx: [error] invalid PID number ““ in “/run/nginx.pid“
- summary of configuration and deployment of uwsgi+nginx+flag in centos7 and why internal server error is prompted [official instructions]
- Nginx Startup Error: Job for nginx.service failed because the control process exited with error code
- [Solved] G++ Error: Command ‘g++‘ not found, but can be installed with:
- Solve the problem of 404 Not Found error in nginx accessing dynamic interface
- [Solved] Nginx Startup Error: directive is not allowed here in
- Nginx realizes the same background service for portal and business
- [Solved] ERROR: The kernel module failed to load, because it was not signed by a key that is trusted by the
- Nginx, which is suitable for front-end H5 requests, routes and forwards according to the URL and cuts the URL
- Nginx Error: [emerg] bind() to [::]:80 failed (98: Address already in use)
- Git pull error: Your local changes to the following files would be overwritten by me
- Git error when switching branches: Your local changes to the following files would be overwritten by checkout