问题描述
我试图让一些网址的工作HTTPS。但似乎HTTPS云无处不在。在细节,我已经在Nginx的创建虚拟主机2。第一虚拟主机与端口80和另一个与包含SSL的443。现在我的网站.i.e domain.com适用于HTTP和HTTPS,这不是我想要的。我想在一个工作某些URL的HTTPS我在Nginx的虚拟主机规则规定。
I'm trying to get the https working with some urls. but it seems that the https goes everywhere. In details, I have created 2 vhosts on Nginx. The first virtual host with port 80 and the other one with 443 containing SSL. now my site .i.e domain.com works for both http and https and this is not what I want. I want the https working on one some urls I specify with rules in Nginx vhost.
主要的问题是,当我尝试,我得到我的主网站先用HTTP然后当我去到包含https开头secure_area一个URL,它工作正常。但是,每当我在我的网站,别的地方去后,https的坚持去做其他所有网址。
The main issue is when I try that I get my main site first with http then when I go to a url that contains https "secure_area", it works fine. However, whenever I go after that somewhere else in my site, the https keep going on all other urls.
这里是我的443的虚拟主机配置:
ssl_session_cache共享:SSL:5米;
add_header严格,运输和安全最大年龄= 31536000; includeSubDomains;
ssl_session_cache shared:SSL:5m;add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
server {
listen 443 ssl spdy;
listen [::]:443 ssl spdy;
#server_name www.mydomain.com;
ssl_session_timeout 5m;
root /vars/www/public_html/;
index index.php index.html index.htm;
ssl_certificate /path_to_ssl/certificate.pem;
ssl_certificate_key /path_to_key/server.key;
ssl_ciphers 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS';
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}
location ~ /\.ht {
deny all;
}
# Serve static files directly
location ~* \.(png|jpe?g|gif|ico)$ {
expires 1y; access_log off; try_files $uri $uri/ @rewrite; gzip off;
}
location ~* \.(css)$ {
expires 1d; access_log off;
}
location ~* \.(js)$ {
expires 1h; access_log off;
}
location /secure_area/ {
auth_basic "Restricted";
auth_basic_user_file htpasswd;
rewrite ^ https://$http_host$request_uri? permanent;
}
}
这里是我80虚拟主机配置:
server {
listen 80 default_server;
server_name mydomain.com;
return 301 http://www.mydomain.com;
}
server {
listen 80;
server_name www.mydomain.com;
root /vars/www/public_html/;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}
location ~ /\.ht {
deny all;
}
location /secure_area/ {
rewrite ^ https://$http_host$request_uri? permanent;
}
}
的情况下,没有人注意到,Nginx的是在前端的Apache
现在没有任何人有任何想法如何强制HTTPS仅适用于某些URL,并在我的情况secure_area并强制HTTP上的所有其他网址吗?
now does anyone have any idea how to force https only on some urls and in my case secure_area and force http on all other urls?
感谢
推荐答案
您可以告诉SSL服务器,如果被访问的任何其他的URL回重定向到 HTTP
You can tell the SSL server to redirect back to http
if any other URL is visited
server {
listen 80;
server_name example.com;
# normal http settings
location /secure_area/ {
return 301 https://$http_host$request_uri$is_args$query_string;
}
}
server {
listen 443 ssl spdy;
server_name example.com;
# ssl settings;
location /secure_area/ {
#serve secure area content
}
location / {
return 301 http://$http_host$request_uri$is_args$query_string;
}
}
这篇关于只有对nginx的特定URL重定向HTTPS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!