例子:域名为bgcc.cc
server {
listen 80;
server_name bgcc.cc,www.bgcc.cc;
return 307 https://bgcc.cc$request_uri;
}
server {
listen 443;
server_name www.bgcc.cc;
return 307 https://bgcc.cc$request_uri;
ssl_prefer_server_ciphers on;
ssl_certificate sslkey/bgcc.cc.pem;
ssl_certificate_key sslkey/bgcc.cc.key;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
}
server {
listen 443 ssl;
server_name bgcc.cc;
index index.html index.htm;
access_log /data/logs/bgcc.cc.acc.log access;
error_log /data/logs/bgcc.cc.err.log;
root /data/www;
gzip on; #开启gizip
gzip_buffers 32 4K;#压缩在内存中缓冲32块 每块4K
gzip_comp_level 6 ;#压缩级别 推荐6
gzip_min_length 4000;#开始压缩的最小长度4bit
gzip_types text/css text/xml apploation/x-javascript;#只对CSS、XML、JS文件进行压缩。 默认压缩text/html 不需要指定,否则报错
ssl_prefer_server_ciphers on;
keepalive_timeout 70;
ssl_certificate sslkey/bgcc.cc.pem;
ssl_certificate_key sslkey/bgcc.cc.key;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
}
说明:
- 访问http://bgcc.cc 跳到 https://bgcc.cc
- 访问http://www.bgcc.cc 跳到 https://bgcc.cc
- 访问https://www.bgcc.cc 跳到 https://bgcc.cc