如果不使用 HTTPS 服务:
server {listen 80;server_name example.com;return 301 http://www.example.com$request_uri;}server {listen 80;server_name www.example.com;location / {proxy_pass http://localhost:8080;proxy_set_header X-Forwared-Proto $scheme;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;}}
HTTP 默认端口强制跳转 HTTPS 配置
server {listen 80;location / {return 301 https://$host$request_uri;}}server {listen 443 ssl;}
server {listen 80;listen 443 ssl http2 default_server;# 公钥,发送到连接服务器的客户端ssl_certificate cert/example.com.pem;# 私钥,权限要得到保护但 Nginx 的主进程能够读取ssl_certificate_key cert/example.com.key;# 设置 SSL/TLS 会话缓存的类型和大小ssl_session_cache shared:SSL:10m;# 客户端可以重用会话缓存中 SSL 参数的过期时间ssl_session_timeout 10m;ssl_protocols SSLv2 TLSv1 TLSv1.1 TLSv1.2;ssl_ciphers ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM;ssl_prefer_server_ciphers on;server_name m.example.com;location /test/ {proxy_pass https://h5.example.com;rewrite /test/(.*) /$1 break;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;}location / {proxy_pass https://m.example.com;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;}access_log /var/log/nginx/example.access.log main;}
参考资料: