案例配置:
server {
listen 443;
server_name *****.com;
ssl on;
ssl_certificate sslkey/****/****.com.pem;
ssl_certificate_key sslkey/****/****.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AESGCM:ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL;
ssl_prefer_server_ciphers on;
include ***.conf;
location /***/ {
index index.html index.htm;
alias /*****.com/***/;
try_files $uri $uri/ /****/index.html;
if ($request_filename ~ .*\.(htm|html)$)
{
add_header Cache-Control "no-cache, no-store";
}
location ~ .*\.(js.map)?$ {
set_real_ip_from {your IP};
real_ip_header X-Forwarded-For;
real_ip_recursive on;
proxy_set_header X-Forwarded-For $remote_addr;
if ($remote_addr != your IP) {
return 403;
}
access_log /***/***.log proxy1;
}
}
location = /favicon.ico {
log_not_found off;
}
access_log /data/****/*****.com.log access;
}
server {
listen 80;
server_name *******.com;
return 307 https://$host$request_uri;
}