当你的lnmp后端装了apache,使用wp博客又要用https的时候

作者:阿川 发布时间:February 19, 2017 分类:服务器 点击:6403

今儿个和我朋友测试Wordpress程序,发现在windows的IIS下跑的嗷嗷的,https和http都正常的一塌糊涂.
但是同样在linux下面用LNMPA(nginx前端,apache后端)的时候.CSS与JS不会转换成https.现在记录下过程,方便以后查阅
首先申请一证书,保存好key和csr.将两个文件放入同一目录,比如/usr/local/nginx/conf下面,因为http配置与其他网站无异,所以暂且不记录,我们主要记录不同的配置.
在nginx写如何下配置:

server
    {
 
	listen 443;
	ssl on;
        ssl_certificate /usr/local/nginx/1bundle.crt;
        ssl_certificate_key /usr/local/nginx/2.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配置
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件配置
        ssl_prefer_server_ciphers on;        
	proxy_set_header        X-Forwarded-Proto $scheme;
	add_header              Front-End-Https   on;
 
        server_name yourdomains.com;
 
        index index.html index.htm index.php default.html default.htm default.php;
        root  /home/wwwroot/caipiaopinpai;
 
        location /
        {
            try_files $uri @apache;
        }
 
        location @apache
        {
            internal;
            proxy_pass https://localhost:8081;
            include proxy.conf;
        }
 
        location ~ [^/]\.php(/|$)
        {
            proxy_pass https://localhost:8081;
            include proxy.conf;
        }
 
        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }
 
        location ~ .*\.(js|css)?$
        {
            expires      12h;
        }
 
        access_log  /home/wwwlogs/yourdomains.log.log  access;
    }


apache的vhost.conf配置如下
<VirtualHost *:8081>
ServerAdmin webmaster@example.com
php_admin_value open_basedir "/home/wwwroot/www:/tmp/:/var/tmp/:/proc/"
DocumentRoot "/home/wwwroot/www"
ServerName www.yourdomains.com
 
SSLEngine on
SSLCertificateFile    /usr/local/nginx/1bundle.crt
 SSLCertificateKeyFile /usr/local/nginx/2.key
SSLProtocol ALL -SSLv2 -SSLv3
 SSLVerifyClient none
 SSLVerifyDepth 1
 SSLHonorCipherOrder On
 
 
ErrorLog "/home/wwwlogs/www.log-error_log"
CustomLog "/home/wwwlogs/www.log-access_log" common
<Directory "/home/wwwroot/www">
    SetOutputFilter DEFLATE
    Options FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all
    DirectoryIndex index.html index.php
</Directory>
</VirtualHost>

普通情况下,nginx监听的80端口与apache的88端口一同使用,SSL情况下,443端口与8081一起使用.
好了,打完手工

标签: none

添加新评论 »