鍍金池/ 問答/Linux/ Nginx https配置的問題

Nginx https配置的問題

現(xiàn)在我把80端口的訪問全部轉(zhuǎn)到443端口了。沒有經(jīng)驗,想請教一下,這樣配置安全嗎?不會在跳轉(zhuǎn)到443端口之前被抓到明文通信的包吧?

 server {
        listen 80;
        server_name www.mine.com;
        rewrite ^(.*)$ https://www.mine.com;
    }
 server {
       listen       443 ssl http2 default_server;
       listen       [::]:443 ssl http2 default_server;
       server_name  www.mine.com;
       root         /www;
回答
編輯回答
咕嚕嚕

如果是需要實現(xiàn)強制跳轉(zhuǎn)https的話,建議采用301返回,這被認為是從http升級到https的最佳實踐.

 server {
    listen 80;
    server_name www.mine.com;
    //rewrite ^(.*)$ https://www.mine.com;
    return 301    https://www.mine.com;
}

具體參考wiki
https://en.wikipedia.org/wiki...

2018年3月20日 07:11