#添加支持PHP 80端口自动跳转443
server {
listen 80;
server_name www.wangfeng.live;
rewrite ^(.*) https://$server_name$1 permanent; #跳转到443
}
server {
ssl_certificate /etc/nginx/cert/www.wangfeng.live.pem; #证书.pem
ssl_certificate_key /etc/nginx/cert/www.wangfeng.live.key; #证书.key
ssl_session_cache shared:SSL:1m; #设置储存SSL会话的缓存类型和大小。
ssl_session_timeout 10m; #设置客户端能够反复使用储存在缓存中的会话参数时间。
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #使用此加密套件。
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #使用该协议进行配置。
ssl_prefer_server_ciphers on; #依赖SSLv3和TLSv1协议的服务器密码将优先于客户端密码。
server_tokens off; #隐藏版本号
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name www.wangfeng.live;
root /var/www/wordpress;
index index.php index.html;
location / {
if (-f $request_filename/index.html){
rewrite (.*) $1/index.html break;
}
if (-f $request_filename/index.php){
rewrite (.*) $1/index.php;
}
if (!-f $request_filename){
rewrite (.*) /index.php;
}
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
location ~ \.php$ {
root /var/www/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
index index.html index.php index.htm;
}
}