Tag Archives: Nginx configuration 80

Nginx configuration 80 can be accessed by forcing jump 443 or not

In our production configuration, we did not configure the configuration of 80 mandatory jump 443
configuration as follows

server {
  listen 80 default_server;
  listen 443 ssl;
  server_name domain;
  server_name_in_redirect off;
  ssl_certificate /etc/nginx/ssl/full_chain_rsa.crt;
  ssl_certificate_key /etc/nginx/ssl/证书.key;
  ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}

There is also a forced jump to do

server {
    listen 80;
    server_name www.domain.com;
    rewrite ^(.*)$ https://${server_name}$1 permanent; 
}
server {
    listen 443;
    server_name www.domain.com;
    root /home/wwwroot;
    ssl on;
    ssl_certificate /etc/nginx/certs/server.crt;
    ssl_certificate_key /etc/nginx/certs/server.key;
    ....
}