Has*_*aig 2 nginx django redirect 301-redirect
我正在开发一个带有 nginx 反向代理和 Gunicorn 应用服务器的 Django 应用程序。作为一名新手 Web 开发人员,我需要将www流量重定向到no wwwWeb 服务器级别的帮助。我目前正在应用程序内的中间件级别执行相同的操作,但需要提高性能。
目前我的nginx虚拟主机文件布局如下:
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=my_cache:10m max_size=100m inactive=6m;
upstream my_server {
server unix:/home/myuser/myproject/myfolder/myproject.sock fail_timeout=0;
}
server {
listen 80;
server_name example.com www.example.com;
# a bunch of 'location' blocks e.g. 'location /' or 'location @http_proxy_to_app', etc.
}
server {
listen 443 ssl;
server_name example.com www.example.com;
# SSL related stuff
# a bunch of 'location' blocks e.g. 'location /' or 'location @http_proxy_to_app', etc.
}
在这种情况下,我如何将www 重定向到 no-www?我见过的大多数示例都解释说我需要server在顶部添加一个专用块,如下所示:
server {
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
其他建议是在我的服务器块(内部)中包含类似以下内容location /。我不确定这是否与反向代理相关代码兼容:
if ($host ~* ^www\.(.*)$) {
rewrite / $scheme://$1 permanent;
}
作为一个新手,我想确认使用哪种做法(以及为什么),考虑到我的 nginx 文件当前的布局方式,因此出现了这个问题。
这是我的实际配置:
server {
server_name example.com;
listen 443 ssl;
#ssl_certificate /etc/ssl/certs/ssl-bundle.crt;
ssl_certificate /etc/nginx/ssl/cert_chain.crt;
#ssl_certificate_key /etc/ssl/myserver.key;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
#ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
#ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
ssl_session_cache shared:SSL:1250m;
ssl_session_timeout 180m;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_stapling on;
ssl_stapling_verify on;
#ssl_trusted_certificate /etc/ssl/COMODO_DV_SHA-2_under_SHA-2root.crt;
ssl_trusted_certificate /etc/nginx/ssl/example_com.ca-bundle;
# write error log file for https errors:
error_log /var/log/nginx/https-error_log warn;
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ { root /home/myuser/myproj/myapp; expires 24h; add_header Vary Accept-Encoding; access_log off; }
.... more config to follow ...
}
处理http://example.com、https://example.com、http://www.example.com和https://www.example.com的 Web 服务器的首选设置如下,当example.com域和首选 https:
server {
server_name example.com www.example.com;
listen 80;
return 301 https://example.com$request_uri;
}
server {
server_name www.example.com;
listen 443 ssl;
return 301 https://example.com$request_uri;
}
server {
server_name example.com;
listen 443 ssl;
... actual server configuration ...
}
在此设置中,只有一个实际 URLhttps://example.com可用于访问网站内容,这有利于索引。在您当前的设置中,所有网址都提供相同的网站内容,这会导致 Google 出现重复问题。
为重定向定义单独的虚拟主机是首选方法,因为评估该if语句会导致对已进入正确虚拟主机块的请求进行重复工作。
| 归档时间: |
|
| 查看次数: |
2450 次 |
| 最近记录: |