废话少说,上干货!
1.禁用ip的配置:
# 禁止ip访问
server {
ssl_certificate /usr/local/ssl/flydragon.site_cert_chain.pem; #你的ssl pem
ssl_certificate_key /usr/local/ssl/flydragon.site_key.key; #你的ssl key
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
listen 80 default_server;
listen 443 ssl default_server;
server_name _;
#强制将http的URL重写成https
return 301 https://flydragon.site$request_uri; #修改成你的域名就可以
}
2.同时配置80和443:
server {
listen 80;
#填写绑定证书的域名
server_name flydragon.site;
#charset koi8-r;
# access_log logs/host.access.log main;
#强制将http的URL重写成https
return 301 https://$host$request_uri;
}
# HTTPS server
#
server {
listen 443 ssl;
server_name flydragon.site;
ssl_certificate /usr/local/ssl/flydragon.site_cert_chain.pem;
ssl_certificate_key /usr/local/ssl/flydragon.site_key.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root /www/wwwroot/out;
index index.html index.htm;
}
error_page 404 /404/;
location = /404.html {
internal;
}
}
这样配置以后,访问ip时会直接跳转到域名下访问!