Nginx 服务器配置文件 nginx.conf 记录

05-09-2019
最近更新于:2022-07-06 16:31:32

Nginx 服务器配置文件 nginx.conf 记录

nginx.conf

 访问 www 返回 @ 域 
# Nginx no-www to www and www to no-www
  return 301 $scheme://domain.com$request_uri;

 重写url地址(隐藏文件扩展名) 
# This 'rewrite' down below working on: / to non-/
  rewrite ^/(.*)/$ /$1 permanent;
  # ../pages/2bfriends/ 200-OK ../pages/2bfriends

  # The "Holy Grail" Solution for Removing ".html" in NGINX:
  # Code in StackOverflow : https://stackoverflow.com/a/38238001/7685506
  if ($request_uri ~ ^/(.*)\.html$) {
  	return 302 /$1;
  }
  # What does "try_files" do?
  try_files $uri $uri.html $uri/ =404;

 通过目录形式访问文件 
if ($request_uri ~ ^/(.*)\.html$) {
  	return 302 /$1;
  }
  #通过目录形式访问文件 $uri.xml
  try_files $uri $uri.html $uri.xml $uri/ =404;  
  if ($request_uri ~ ^/(.*)\.xml$) {
  	return 302 /$1;
  }

 .httpaswd +401自定义 
location ~ ^/path/.*\.pvt|.prv$ {
  	auth_basic "Restricted .pvt.prv files";
  	auth_basic_user_file /etc/nginx/.htpasswd;
  }
  # set customize 401 / Unauthorized-page
  error_page 401 /401.html;location = /401.html {
  	auth_basic off;
  }
  location ~ /\. { deny  all; }


.httpaswd 404 - root 外部访问 
# securing access to a folder - 404 error
  root   /root/cV585m;
  # see: https://www.ruby-forum.com/topic/4411851
  
  location / {
  	index index.php index.html index.htm;
  }

 Let's Encrypt SSL 配置 acme.sh 
listen 443;
  server_name domain.com *.domain.com www.domain.com;
  ssl on  
  ssl_certificate /root/.acme.sh/domain.com/fullchain.cer;
  ssl_certificate_key /root/.acme.sh/domain.com/domain.com.key;

  ssl_session_timeout 5m;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
  ssl_prefer_server_ciphers on;

 CORS跨域访问 
#告诉浏览器允许跨域访问的方法
  add_header Access-Control-Allow-Methods *;
  
  # 告诉浏览器缓存OPTIONS预检请求1小时
  add_header Access-Control-Max-Age 3600;
  
  #允许带有cookie访问
  add_header Access-Control-Allow-Credentials true;
  
  #注意 * 不能满足带有cookie的访问,Origin 必须是全匹配,这里通过变量获取
  add_header Access-Control-Allow-Origin $http_origin;
  
  #设置支持所有的自定义请求头
  add_header Access-Control-Allow-Headers $http_access_control_request_headers;

还有些其他日常配置就不提及了。


评论留言

既来之则留之,欢迎在下方留言评论。提交评论后还可以撤销或重新编辑,未发布的留言会被储存在本地以供下次继续编辑(Valine 会自动保存您的评论信息到浏览器)