We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
关于购买 SSL 证书的介绍:SSL 证书服务,大家用哪家的?、DV免费SSL证书 我在腾讯云申请的免费DV证书,有效期一年 https://console.cloud.tencent.com/ssl
https://console.cloud.tencent.com/ssl
- nginx -t 测试修改后nginx.conf文件 - nginx -s reload nginx重启 - ps -ef|grep nginx 查看nginx 进程 - kill -HUP $id 重启单个nginx进程,$id可以查看进程查看
#设置用户与组 user nginx; #启动子进程数,可以通过ps aux | grep nginx查看 worker_processes auto; #错误日志文件,以及日志级别 error_log /var/log/nginx/error.log; #进程号保存文件 pid /run/nginx.pid; # Load dynamic modules. See /usr/share/nginx/README.dynamic. include /usr/share/nginx/modules/*.conf; events { #每个进程可以处理的连接数,受系统文件句柄的限制 worker_connections 1024; } http { #mime.type为文件类型定义文件 include /etc/nginx/mime.types; #默认文件类型 default_type application/octet-stream; #配置共享会话缓存大小,视站点访问情况设定 ssl_session_cache shared:SSL:10m; #配置会话超时时间 ssl_session_timeout 10m; #使用log_format可以自定义日志格式,名称为main log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; #创建访问日志,格式采用main定义的格式 access_log /var/log/nginx/access.log main; #是否调用sendfile()进行数据复制,sendfile()复制数据是在内核级别完成的,所以会比一般的read、write更高效 sendfile on; #开启后服务器的响应头部信息产生独立的数据包发送,即一个响应头信息一个包 tcp_nopush on; #保持连接的超时时间 keepalive_timeout 65; #是否采用压缩功能,将页面压缩后传输更节省流量 gzip on; tcp_nodelay on; types_hash_max_size 2048; # Load modular configuration files from the /etc/nginx/conf.d directory. # See http://nginx.org/en/docs/ngx_core_module.html#include # for more information. include /etc/nginx/conf.d/*.conf; # Settings server { #服务器监听的端口 listen 443 ssl; #访问域名 server_name www.XXXXX.com; #文件地址 root /usr/local/dist; #编码格式,如果网页编码与此设置不同,则将被自动转码 #charset utf-8; #设置虚拟主机的访问日志 #access_log logs/access.log main; #对URL进行匹配 location / { #设置网页根路径,使用的是相对路径,html指的是处于nginx安装路径下 root html; #首页文件,先找index.html,若没有,再找index.htm index index.html index.htm; } #设置长连接 keepalive_timeout 70; #HSTS策略 add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; #证书文件 ssl_certificate /etc/nginx/1_www.XXXXX.com_bundle.crt; #私钥文件 ssl_certificate_key /etc/nginx/2_www.XXXXX.com.key; #优先采取服务器算法 ssl_prefer_server_ciphers on; #减少点击劫持 add_header X-Frame-Options DENY; #禁止服务器自动解析资源类型 add_header X-Content-Type-Options nosniff; #防XSS攻擊 add_header X-Xss-Protection 1; ssl_session_timeout 10m; #ssl_session_cache shared:SSL:1m; ssl_ciphers HIGH:!aNULL:!MD5; # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; #设置错误代码对应的错误页面 #error_page 404 /404.html; #redirect server error pages to the static page /50x.html location = / { try_files /home/index.html /index.html; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } }
The text was updated successfully, but these errors were encountered:
No branches or pull requests
ssl证书
基础配置
nginx指令
nginx文件
The text was updated successfully, but these errors were encountered: