nginx访问http自动跳转https
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
#这个指令是指当一个nginx 进程打开的最多文件描述符数目,理论值应该是最多打开文件数(ulimit -n)与nginx 进程数相除,但是nginx 分配请求并不是那么均匀,所以最好与ulimit -n 的值保持一致
#如果nginx 中worker_connections 值设置是1024,worker_processes 值设置是4,按反向代理模式下最大连接数的理论计算公式:
#最大连接数 = worker_processes * worker_connections / 4
#生产环境中worker_connections 建议值最好超过9000,计划将一台nginx 设置为10240,再观察一段时间
worker_rlimit_nofile 65535;
events {
#默认最大的并发数为1024,如果你的网站访问量过大,已经远远超过1024这个并发数,那你就要修改worker_connecions这个值 ,这个值越大,并发数也有就大
worker_connections 10240;
}
http {
# 不显示 nginx 版本号
server_tokens Off;
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
upstream tomcat_servers{
server 10.1.1.1:22080 weight=1;
server 10.1.1.2:22080 weight=1;
server 10.1.1.3:22080 weight=1;
}
server {
listen 80;
listen 9443 ssl;
server_name localhost;
ssl_certificate ../cert/certificate.pem;
ssl_certificate_key ../cert/certificate.key;
ssl_session_timeout 30m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
ssl_prefer_server_ciphers off;
# 控制 HTTP 请求头部的缓冲区大小
large_client_header_buffers 4 16k;
# 开启HTTP严格传输安全HSTS
add_header Strict-Transport-Security "max-age=30000000; preload";
charset utf-8;
#access_log logs/host.access.log main;
if ( $scheme = http ) {
return 301 https://$host:9443$request_uri;
}
location / {
proxy_pass http://tomcat_servers;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect http:// https://;
}
location /status668887655678tyuiohghjkjhhjwefjkasdffqwerqwff {
allow 127.0.0.1;
deny all;
stub_status on;
access_log logs/status.log;
auth_basic "NginxStatus";
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
骑着母猪去打猎的备忘录,如有侵权请联系本人骑着母猪去打猎删除。https://www.cnblogs.com/shichq/p/17747080.html
如果本文对您有所帮助,麻烦在下面评论里面随便敲上那么几下键盘,谢谢了
分类:
nginx
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 【自荐】一款简洁、开源的在线白板工具 Drawnix
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
· 无需6万激活码!GitHub神秘组织3小时极速复刻Manus,手把手教你使用OpenManus搭建本
· C#/.NET/.NET Core优秀项目和框架2025年2月简报