NGINX將單個HTTPS URL重寫爲HTTP

Question

在我的NGINX服務器上，我將所有非SSL流量重定向到我的SSL站點。現在

，我想有此排除單個URL，具體如下： HTTPS：//pyronexus.com/forum/pages.php，一切都附加到pages.php，如pages.php頁= blahblah重定向到HTTP：//pyronexus.com/forum/pages.php等

我的配置文件看起來像這樣，到目前爲止，但我已經沒有地讓我重寫這一單一運氣好的話網址工作。

server { 
    server_name 
     www.pyronexus.com 
    ; 

    listen 80 default; 
    listen 443 ssl; 

    ssl_certificate ssl/pyronexus.com.crt; 
    ssl_certificate_key ssl/pyronexus.com.key; 

    return 301 https://pyronexus.com$request_uri; 
} 

server { 
    server_name 
     pyronexus.com 
    ; 

    listen 80; 
    listen 443 default ssl; 

    ssl_certificate ssl/pyronexus.com.crt; 
    ssl_certificate_key ssl/pyronexus.com.key; 

    root /home/nginx/pyronexus.com/public; 
    index index.html index.php; 

    access_log /home/nginx/pyronexus.com/logs/access.log; 
    error_log /home/nginx/pyronexus.com/logs/error.log; 

    include php.conf; 
    include mime.types; 

    location /forum/ { 
     #include pyronexus-naxsi.rules; 
     rewrite ^/forum/forum-([0-9]+)\.html$ /forum/forumdisplay.php?fid=$1; 
     rewrite ^/forum/forum-([0-9]+)-page-([0-9]+)\.html$ /forum/forumdisplay.php?fid=$1&page=$2; 
     rewrite ^/forum/thread-([0-9]+)\.html$ /forum/showthread.php?tid=$1; 
     rewrite ^/forum/thread-([0-9]+)-page-([0-9]+)\.html$ /forum/showthread.php?tid=$1&page=$2; 
     rewrite ^/forum/thread-([0-9]+)-lastpost\.html$ /forum/showthread.php?tid=$1&action=lastpost; 
     rewrite ^/forum/thread-([0-9]+)-nextnewest\.html$ /forum/showthread.php?tid=$1&action=nextnewest; 
     rewrite ^/forum/thread-([0-9]+)-nextoldest\.html$ /forum/showthread.php?tid=$1&action=nextoldest; 
     rewrite ^/forum/thread-([0-9]+)-newpost\.html$ /forum/showthread.php?tid=$1&action=newpost; 
     rewrite ^/forum/thread-([0-9]+)-post-([0-9]+)\.html$ /forum/showthread.php?tid=$1&pid=$2; 
     rewrite ^/forum/post-([0-9]+)\.html$ /forum/showthread.php?pid=$1; 
     rewrite ^/forum/announcement-([0-9]+)\.html$ /forum/announcements.php?aid=$1; 
     rewrite ^/forum/user-([0-9]+)\.html$ /forum/member.php?action=profile&uid=$1; 
     rewrite ^/forum/calendar-([0-9]+)\.html$ /forum/calendar.php?calendar=$1; 
     rewrite ^/forum/calendar-([0-9]+)-year-([0-9]+)\.html$ /forum/calendar.php?action=yearview&calendar=$1&year=$2; 
     rewrite ^/forum/calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)\.html$ /forum/calendar.php?calendar=$1&year=$2&month=$3; 
     rewrite ^/forum/calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)-day-([0-9]+)\.html$ /forum/calendar.php?action=dayview&calendar=$1&year=$2&month=$3&day=$4; 
     rewrite ^/forum/calendar-([0-9]+)-week-(n?[0-9]+)\.html$ /forum/calendar.php?action=weekview&calendar=$1&week=$2; 
     rewrite ^/forum/event-([0-9]+)\.html$ /forum/calendar.php?action=event&eid=$1; 
     rewrite ^/forum/archive/index\.php/forum-([0-9]+)\.html$ /forum/archive/index.php?forum-$1.html; 
     rewrite ^/forum/archive/index\.php/thread-([0-9]+)\.html$ /forum/archive/index.php?thread-$1.html; 
    } 

    location ~ /forum/(inc) { 
     deny all; 
    } 
} 

我試圖重寫規則是這樣的，但我仍然得到交手這些規則是如何工作的：

rewrite ^https://pyronexus.com/forum/pages\.php(.*)$ http://pyronexus.com/forum/pages.php$1; 

Answer 1

1. 爲您的網站打開的配置，我的是/etc/nginx/sites-enabled/pyronexus.com。 添加以下服務器的指令，調節變量需要：

   server { 
       server_name 
        www.your-site.com 
       ; 
   
       listen 80; 
       listen 443 ssl; 
   
       ssl_certificate ssl/your-certificate.crt; 
       ssl_certificate_key ssl/your-certificate.key; 
   
       return 301 https://your-site.com$request_uri; 
   } 
   

   該指令將迫使任何WWW連接，無論是通過SSL或者非SSL，以非www。

2. 添加另一條指令。儘管在此指令中您可以添加任何不想啓用SSL的頁面的排除項。位置〜/ {}指令之前添加它們（我已經包括在有一個實例，其不包括從http://your-site.com/forum/pages.php HTTPS連接）：

   server { 
       server_name 
        your-site.com 
       ; 
   
       listen 80 default; 
   
       root /your/site/root; 
   
       access_log /your/logs/location/access.log; 
       error_log /your/logs/location/error.log; 
   
       include global.conf; 
   
       # This excludes forum/pages.php from being forced through HTTPS 
       location ~ ^/forum/pages\.php$ { 
        include php.conf; 
       } 
   
       # This will force any http:// connections through https:// 
       location ~/{ 
        return 301 https://your-site.com$request_uri; 
       } 
   } 
   

3. 添加第三和最終指令。這是處理所有SSL連接的指令。你需要把你在這裏也把上述任何排除，並重定向人們HTTP連接：

   server { 
       server_name 
        your-site.com 
       ; 
   
       listen 443 default ssl; 
   
       ssl_certificate ssl/your-site.crt; 
       ssl_certificate_key ssl/your-site.key; 
   
       root /your/site/root; 
   
       access_log /your/logs/location/access.log; 
       error_log /your/logs/location/error.log; 
   
       include global.conf; 
   
       # This will force forum/pages.php through http:// 
       location ~ ^/forum/pages\.php$ { 
        return 301 http://your-site.com$request_uri; 
       } 
   
       include php.conf; 
   } 
   

這就是它！測試你的配置！

如果你想知道什麼是我的global.conf和php.conf，那麼在這裏，他們是：

global.conf：

# Tries to access the file directly before handing over to index.php 
location/{ 
    try_files $uri $uri/ /index.php?$args; 
} 

# Exclude common static file formats from logging and cache as long as possible 
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|txt)$ { 
    access_log off; 
    log_not_found off; 
    expires max; 
} 

# Deny access to files that start with a dot, such as .htaccess 
location ~ /\. { 
    deny all; 
} 

# Deny access to php files in folders named uploads and files (this is to prevent people uploading php files and executing them) 
location ~* /(?:uploads|files)/.*\.php$ { 
    deny all; 
} 

php.conf：

# Pass all php files to php5-fpm 
location ~ \.php$ { 
    try_files $uri =404; 

    include fastcgi_params; 

    fastcgi_pass unix:/var/run/php5-fpm.sock; 
    fastcgi_index index.php; 
} 

來源：https://pyronexus.com/blog/2015/01/11/nginx-remove-www-and-force-ssl-connections/