nginx增加https ssl 及判断手机浏览器


#user  nobody;
worker_processes  4;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;
    server_tokens off;
    fastcgi_intercept_errors on;
    error_page 502 = /index.html;
    log_format  main  '$remote_addr $cookie_logCookie $cookie_loginId [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for" '
                      '$request_time $upstream_response_time';
 
    access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    gzip  on;
    gzip_min_length 1K;
    gzip_buffers 4 16k;
    gzip_http_version 1.1;
    gzip_comp_level 2;
    gzip_types text/plain application/x-javascript text/css application/xml;
    gzip_vary on;
    proxy_set_header X-Nginx-Scheme $scheme;   
    client_max_body_size 300m;
    proxy_headers_hash_bucket_size 1024;
    proxy_headers_hash_max_size 512;
   

    server
    {
        listen 80;
        server_name s.test.com;
        rewrite ^(.*)$  https://s.test.com permanent;
#        charset utf-8,gbk;
#        location /
#        {
#            index index.html index.htm index.jsp;
#           proxy_pass         http://;
#            proxy_redirect off;
#        }
    }
   
    server
    {
        listen 80;
        server_name en.test.com;
        rewrite ^(.*)$  https://en.test.com permanent;
#        charset utf-8,gbk;
#        location /
#        {
#            index index.html index.htm index.jsp;
#           proxy_pass         http://;
#            proxy_redirect off;
#        }
    }
   
    server
    {
        listen 80;
        server_name mall.test.com;
        rewrite ^(.*)$  https://mall.test.com$1 permanent;
#        charset utf-8,gbk;
#        location /
#        {
#            index index.html index.htm index.jsp;
#           proxy_pass         http://;
#            proxy_redirect off;
#        }
    }
   
    server
    {
        listen 80;
        server_name cn.test.com;
        rewrite ^(.*)$  https://mall.test.com permanent;
#        charset utf-8,gbk;
#        location /
#        {
#            index index.html index.htm index.jsp;
#           proxy_pass         http://;
#            proxy_redirect off;
#        }
    }
   
    server
    {
        listen 80;
        server_name m.test.com;
        rewrite ^(.*)$  https://mall.test.com permanent;
#        charset utf-8,gbk;
#        location /
#        {
#            index index.html index.htm index.jsp;
#           proxy_pass         http://;
#            proxy_redirect off;
#        }
    }
   
   
    server
    {
        listen 80;
        server_name piwik.test.com;
        rewrite ^(.*)$  https://piwik.test.com permanent;
#        charset utf-8,gbk;
#        location /
#        {
#            index index.html index.htm index.jsp;
#           proxy_pass         http://;
#            proxy_redirect off;
#        }
    }
   
   
    server
    {
        listen 80;
        server_name ~^.*\.test\.com$ www.test.com;
    rewrite ^(.*)$  https://www.test.com$1 permanent;
#        charset utf-8,gbk;
#        location /
#        {
#            index index.html index.htm index.jsp;
#            proxy_pass http://;
#            proxy_redirect off;
#        }
    }
   
    server
    {
        listen      443 ssl;
        server_name s.test.com;
        ssl on;
        ssl_certificate /usr/local/nginx/conf/testcomClass2.crt;
        ssl_certificate_key /usr/local/nginx/conf/testcomClass2.key;
        ssl_session_timeout 5m;
        ssl_protocols SSLv2 SSLv3 TLSv1;
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers on;
        charset utf-8,gbk;

    location ^~ /upgrade/
                {
                        index index.html index.htm index.jsp;
                        proxy_pass http://10.1.211.87:8089/;
                        proxy_redirect off;
                }   

        location /
        {
            index index.html index.htm index.jsp;
            if ($request_uri ~* \.(css|js|gif|png|jpg|jpeg))
            {
                add_header Cache-Control "max-age=2592000";
            }
               proxy_pass         http://10.1.210.10:7002;
#           proxy_set_header   Host             $host;
#           proxy_set_header   X-Real-IP        $remote_addr;
#           proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        }
    }
   
    server
    {
        listen      443 ssl;
        server_name en.test.com;
        ssl on;
        ssl_certificate /usr/local/nginx/conf/testcomClass2.crt;
        ssl_certificate_key /usr/local/nginx/conf/testcomClass2.key;
        ssl_session_timeout 5m;
        ssl_protocols SSLv2 SSLv3 TLSv1;
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers on;
        charset utf-8,gbk;

        location /
        {
            index index.html index.htm index.jsp;
            if ($request_uri ~* \.(css|js|gif|png|jpg|jpeg))
            {
                add_header Cache-Control "max-age=2592000";
            }
               proxy_pass         http://en.test.com;
#           proxy_set_header   Host             $host;
#           proxy_set_header   X-Real-IP        $remote_addr;
#           proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        }
    }
   
    server
    {
        listen 443 ssl;
        server_name mall.test.com;
        ssl on;
        ssl_certificate /usr/local/nginx/conf/testcomClass2.crt;
        ssl_certificate_key /usr/local/nginx/conf/testcomClass2.key;
        ssl_session_timeout 5m;
        ssl_protocols SSLv2 SSLv3 TLSv1;
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers on;
        charset utf-8,gbk;

        location /
        {
            index index.html index.htm index.jsp;
            if ($request_uri ~* \.(css|js|gif|png|jpg|jpeg))
            {
                add_header Cache-Control "max-age=2592000";
            }
               proxy_pass         http://mall.test.com;
#           proxy_set_header   Host             $host;
#           proxy_set_header   X-Real-IP        $remote_addr;
#           proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        }
    }
   
    server
    {
        listen 443 ssl;
        server_name cn.test.com;
        rewrite ^(.*)$  https://mall.test.com permanent;
    }
   
    server
    {
        listen 443 ssl;
        server_name m.test.com;
        rewrite ^(.*)$  https://mall.test.com permanent;
    }
   
    server
    {
        listen      443 ssl;
        server_name piwik.test.com;
        ssl on;
        ssl_certificate /usr/local/nginx/conf/testcomClass2.crt;
        ssl_certificate_key /usr/local/nginx/conf/testcomClass2.key;
        ssl_session_timeout 5m;
        ssl_protocols SSLv2 SSLv3 TLSv1;
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers on;
        charset utf-8,gbk;

        location /
        {
            index index.html index.htm index.jsp;
            if ($request_uri ~* \.(css|js|gif|png|jpg|jpeg))
            {
                add_header Cache-Control "max-age=2592000";
            }
               proxy_pass         http://piwik.test.com;
        }
    }
   
    server
    {
        listen      443 ssl;
        server_name ~^.*\.test\.com$ www.test.com;
        ssl on;
        ssl_certificate /usr/local/nginx/conf/testcomClass2.crt;
        ssl_certificate_key /usr/local/nginx/conf/testcomClass2.key;
        ssl_session_timeout 5m;
        ssl_protocols SSLv2 SSLv3 TLSv1;
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers on;
        charset utf-8,gbk;

        location /
        {
            index index.html index.htm index.jsp;
            if ($request_uri ~* \.(css|js|gif|png|jpg|jpeg))
            {
                add_header Cache-Control "max-age=2592000";
            }
            if ( $http_user_agent ~* "Mobile" ){
                proxy_pass   http://10.1.210.10:7002;
            }
                proxy_pass   http://www.test.com;
        }
    }
   

}

相关推荐