VPS侦探论坛
标题:
求帮忙 关于HSTS没用
[打印本页]
作者:
wang3623246
时间:
2016-1-14 21:15
标题:
求帮忙 关于HSTS没用
我用军哥的hsts强制从http跳转到https无法自动跳转,nginx域名配置文件如下,求帮忙看看谢谢各位大神
server
{
listen 80;
#listen [::]:80;
server_name 777m777.com www.777m777.com;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/777m777.com;
include 22.conf;
#error_page 404 /404.html;
location ~ [^/]\.php(/|$)
{
# comment try_files $uri =404; to enable pathinfo
try_files $uri =404;
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
#include pathinfo.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
access_log off;
}
server
{
listen 443 ssl;
server_name 777m777.com www.777m777.com;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/777m777.com;
ssl_certificate /etc/letsencrypt/live/777m777.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/777m777.com/privkey.pem;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
include 22.conf;
#error_page 404 /404.html;
location ~ [^/]\.php(/|$)
{
# comment try_files $uri =404; to enable pathinfo
try_files $uri =404;
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
#include pathinfo.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
access_log off;
}
作者:
licess
时间:
2016-1-15 10:18
HSTS必须是再访问过该https网站后才会生效的,首次访问是不生效的
http的网站server配置里可以加上301或只要访问了任意一个网站里的https连接以后就会强制https
作者:
wang3623246
时间:
2016-1-15 15:31
标题:
回复 2# 的帖子
军哥 在cloudflare里启用HSTS不是比你的301更方便?
直接全部强制到https
作者:
licess
时间:
2016-1-15 15:42
cloudflare后台点一下就启用了
欢迎光临 VPS侦探论坛 (https://bbs.lnmp.com/)
Powered by Discuz! X3.4
直接全部强制到https