ubuntu nginx反向代理为LetsEncrypt SSL强制https

gcuhipw9  于 2023-10-17  发布在  Nginx
关注(0)|答案(1)|浏览(142)

我有远程Linux Ubuntu 20运行Nginx反向代理的节点应用程序与最近安装的LetsEncrypt SSL证书,我想对所有请求强制https。目前,HTTP和HTTPS都可以正常工作。我如何更新我的配置以将所有http重定向到https?
协议:IPV4
防火墙:Nginx Full ALLOW Anywhere
节点应用程序位置/var/www/html/mydomain
Nginx配置位置:/etc/nginx/sites-available/default
Nginx配置:

server {
        listen 80 default_server;
        listen [::]:80 default_server;

        root /var/www/html/mydomain;

        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html;

        server_name mydomain.com www.mydomain.com;

        location ^~ /assets/ {
                gzip_static on;
                expires 12h;
                add_header Cache-Control public;
  }

        location / {
                proxy_http_version 1.1;
                proxy_cache_bypass $http_upgrade;

                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection 'upgrade';
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;

                proxy_pass http://localhost:3000;
        }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/gfrweb.site/fullchain.pem; # managed by Certbot

该网站是为HTTP和HTTPS工作,我希望它能重定向到HTTPS的所有HTTP流量。

l0oc07j2

l0oc07j21#

只需将您的http侦听器移动到单个服务器块中,并使用以下命令:

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name mydomain.com www.mydomain.com;
    return 301 https://$host$request_uri;
}

并拆下管路

listen 80 default_server;
        listen [::]:80 default_server;

你的另一个服务器
https://linuxize.com/post/redirect-http-to-https-in-nginx/

相关问题