2016-08-22 98 views
0

因此,我有一個網站託管在數字海洋上,使用Nginx Web服務器v.1.2.1並使用Wordpress CMS。之後我決定使用Cloudflare服務。 Cloudflare提供免費的靈活SSL,我想用它來做我的網站。實施SSL(數字海洋+ Nginx + Cloudflare)

這是我的網站nginx的配置:

server { 
     listen 80; 
     #listen [::]:80 ipv6only=on default_server; 
     server_name pasangbatu.com www.pasangbatu.com; 
     root /srv/www/pasangbatu.com/public_html; 
     access_log /srv/www/pasangbatu.com/logs/access.log; 
     error_log /srv/www/pasangbatu.com/logs/error.log; 

     if ($http_host != "www.pasangbatu.com") { 
       rewrite^http://www.pasangbatu.com$request_uri permanent; 
     } 


     index index.php index.html; 
     location = /favicon.ico { 
       log_not_found off; 
       access_log off; 
     } 
     location = /robots.txt { 
       allow all; 
       log_not_found off; 
       access_log off; 
     } 

    # Use gzip compression 
    # gzip_static on; # Uncomment if you compiled Nginx using --with-http_gzip_static_module 
    gzip on; 
    gzip_disable "msie6"; 
    gzip_vary on; 
    gzip_proxied any; 
    gzip_comp_level 5; 
    gzip_buffers 16 8k; 
    gzip_http_version 1.0; 
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/png image/gif image/jpeg; 

     #location ~ ^/wp-content/cache/minify/[^/]+/(.*)$ { 
     #  try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1; 
     #} 

    #location ~ ^/wp-content/plugins/wp-minify/min/[^/]+/(.*)$ { 
    # try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1; 
    # wp-minify/cache 
    #} 

    # Don't cache uris containing the following segments 
    if ($request_uri ~* "(\/wp-admin\/|\/xmlrpc.php|\/wp-(app|cron|login|register|mail)\.php|wp-.*\.php|index\.php|wp\-comments\-popup\.php|wp\-links\-opml\.php|wp\-locations\.php)") { 
     set $cache_uri "no cache"; 
    } 

    # Don't use the cache for logged in users or recent commenters 
    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp\-postpass|wordpress_logged_in") { 
     set $cache_uri 'no cache'; 
    } 



    # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). 
     location ~ /\. { 
       deny all; 
       access_log off; 
       log_not_found off; 
     } 
     location/{ 
       try_files $uri $uri/ /index.php?$args; 
     } 

     # Add trailing slash to */wp-admin requests. 
     rewrite /wp-admin$ $scheme:http://$host$uri/ permanent; 

    # Cache static files for as long as possible - removed xml as an extension to avoid problems with Yoast WordPress SEO plugin which uses WP rewrite API. 
    location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { 
     try_files $uri =404; 
     expires max; 
     access_log off; 
    } 

    # Pass PHP scripts on to PHP-FPM 
    location ~* \.php$ { 
     fastcgi_split_path_info ^(.+\.php)(/.+)$; 
     try_files $uri /index.php; 
     fastcgi_index index.php; 
     fastcgi_pass unix:/var/run/php5-fpm.sock; 
     #fastcgi_pass 127.0.0.1:9000; 
     include fastcgi_params; 
     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 
     fastcgi_param SCRIPT_NAME $fastcgi_script_name; 
     } 
} 

我曾試圖改變if ($http_host !="www.pasangbatu.com") {到這樣的事情:

if ($http_host != "www.pasangbatu.com") { 
        rewrite^https://www.pasangbatu.com$request_uri permanent; 
      } 

我重啓nginx的,並刷新我的網絡,我得到了支持SSL在主頁上。但如果我轉到另一頁/單擊文章鏈接,則返回到http協議的頁面不是https。

如果我禁用if condition block,只是這樣寫:

rewrite^https://www.pasangbatu.com$request_uri permanent; 

我的網站迴歸「多重定向唧唧歪歪」。

如何對我的所有頁面啓用https?需要你的幫助,

謝謝。

回答

1

所以,基本上這個問題歸結爲您的web服務器在使用Flexible SSL時(通過HTTPS從源到瀏覽器的連接)看到HTTP連接的事實。

爲了解決這個問題,你需要在你的Nginx配置文件中掛接X-Forwarded-Proto頭文件。

類似CloudFlare Flexible SSL plugin的插件也可能對您有用。

通過使用CloudFlare's Page Rules您可以有效地redirect HTTP to HTTPS traffic

+0

嗨,謝謝。它給了我一個線索:) –