https://www.chuhu.com/document/20160705-366.html
Apache配置
保留之前的80端口的站点配置:
1
2
3
4
5
6
7
8
|
<VirtualHost *:80> ServerAdmin webmaster@chuhu.net DocumentRoot "/opt/lampp/htdocs" ServerName chuhu.net ServerAlias www.chuhu.net ErrorLog "logs/dummy-www.chuhu.net-error_log" CustomLog "logs/dummy-www.chuhu.net-access_log" common < /VirtualHost > |
复制一份,修改配制成如下:
1
2
3
4
5
6
7
8
9
10
11
|
<VirtualHost *:443> ServerAdmin webmaster@chuhu.net DocumentRoot "/opt/lampp/htdocs" ServerName chuhu.net ServerAlias www.chuhu.net SSLEngine on SSLCertificateFile /etc/letsencrypt/live/chuhu .net /fullchain .pem SSLCertificateKeyFile /etc/letsencrypt/live/chuhu .net /privkey .pem ErrorLog "logs/dummy-www.chuhu.net-error_log" CustomLog "logs/dummy-www.chuhu.net-access_log" common < /VirtualHost > |
重启下web服务,访问https://chuhu.net即可。
https://www.v2ex.com/t/310130
nginx 配置文件
打开你的 nginx 配置文件,我的是:/usr/local/nginx/conf/vhost/inotepad.cn.conf
。
修改记录:
server
{
listen 80;
server_name www.inotepad.cn inotepad.cn;
return 301 https://$server_name$request_uri; #非 http 跳转到 https
}
server
{
listen 443 ssl;
ssl on;
ssl_certificate /etc/letsencrypt/live/inotepad.cn/fullchain.pem; #Nginx 所需要 ssl_certificate 文件
ssl_certificate_key /etc/letsencrypt/live/inotepad.cn/privkey.pem; #安全证书 KEY 文件
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
server_name www.inotepad.cn inotepad.cn;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/notepad;
[...] #更多的配置
}
apache的虚拟域名rewrite配置以及.htaccess的使用。
https://blog.csdn.net/zls986992484/article/details/52878482
Rewirte主要的功能就是实现URL的跳转,隐藏URL真实地址,可以帮组我们实现拟静态,拟目录,域名跳转,防止盗链,搜索引擎得收录等。Rewirte配置可以通过服务器级的(httpd.conf)和目录级的 (.htaccess)两种方式实现。
https://blog.csdn.net/qq_36031499/article/details/54317366
https://www.cnblogs.com/pirlo21/p/6963463.html
增加 Nginx 虚拟主机
配置 Virtual host 步骤如下:
1. 进入 nginx的安装目录,我的目录是在/usr/local/nginx,找到nginx 的配置文件/usr/local/nginx/conf/nginx.conf并打开,在http{}范围引入虚拟主机配置文件如下:
include vhost/*.conf; |
2. 在/usr/local/nginx/conf/vhost目录下,创建对应虚拟主机的配置文件 www.demo.com.conf (文件格式{域名}.conf),每个虚拟主机(域名)对应一个配置文件。打开配置文件, 添加服务如下:
server { listen 80; server_name www.demo.com; location / { root /var/www/demo; index index.html index.htm index.php; } //日志保存方式以及存放位置 log_format www.demo.com '$remote_addr - $remote_user [$time_local] $request' '$status $body_bytes_sent $http_referer ' '$http_user_agent $http_x_forwarded_for'; access_log /var/log/www.demo.com.log www.demo.com; //支持php,这里使用的是 FastCGI, 修改如下 location ~ .*\.(php|php5)?$ { #网站目录 root /var/www/test; #phpcgi端口,默认9000 fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; #document_root指向的就是网站目录 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } |
4. 重启 Nginx 服务, 执行以下语句.
/etc/init.d/nginx reload |
图片防盗链
图片作为重要的耗流量大的静态资源, 可能网站主并不希望其他网站直接引用, Nginx 可以通过 referer 来防止外站盗链图片.
server { listen 80; server_name demo.neoease.com; index index.html index.htm index.php; root /var/www/demo_neoease_com; # 这里为图片添加为期 1 年的过期时间, 并且禁止 Google, 百度和本站之外的网站引用图片 location ~ .*\.(ico|jpg|jpeg|png|gif)$ { expires 1y; valid_referers none blocked demo.neoease.com *.google.com *.baidu.com; if ($invalid_referer) { return 404; } } log_format demo.neoease.com '$remote_addr - $remote_user [$time_local] $request' '$status $body_bytes_sent $http_referer ' '$http_user_agent $http_x_forwarded_for'; access_log /var/log/demo.neoease.com.log demo.neoease.com; } |
WordPress 伪静态配置
如果将 WordPress 的链接结构设定为 /%postname%/
, /%postname%.html
等格式时, 需要 rewrite URL, WordPress 提供 Apache 的 .htaccess 修改建议, 但没告知 Nginx 该如何修改. 我们可以将 WordPress 的虚拟主机配置修改如下:
server { listen 80; server_name demo.neoease.com; index index.html index.htm index.php; root /var/www/demo_neoease_com; location / { if (-f $request_filename/index.html){ rewrite (.*) $1/index.html break; } if (-f $request_filename/index.php){ rewrite (.*) $1/index.php; } if (!-f $request_filename){ rewrite (.*) /index.php; } } rewrite /wp-admin$ $scheme://$host$uri/ permanent; location ~ .*\.(php|php5)?$ { fastcgi_pass unix:/tmp/php-cgi.sock; fastcgi_index index.php; include fcgi.conf; } log_format demo.neoease.com '$remote_addr - $remote_user [$time_local] $request' '$status $body_bytes_sent $http_referer ' '$http_user_agent $http_x_forwarded_for'; access_log /var/log/demo.neoease.com.log demo.neoease.com; } |