1.虚拟主机vhost
在服务器上创建虚拟主机(PC端)配置文件www.domain.com.conf
,建议放置在目录/usr/local/nginx/conf/vhost
server{
listen 80;
server_name www.domain.com domain.com;
index index.html index.htm index.php;
root /alidata1/web/www.domain.com;
access_log off;
error_page 404 /404.html;
#error_page 403 /403.html;
if ($scheme = http ) {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2;
server_name www.domain.com domain.com;
access_log /alidata1/logs/www.domain.com_nginx.log analytics;
index index.html index.php;
root /alidata1/web/www.hzshuangmei.com;
#include /usr/local/nginx/conf/spider_pc_2_mobile.conf;
#include /usr/local/nginx/conf/pc_503.conf;
# nginx push
http2_push /serviceworker.js;
http2_push /manifest.json;
# 跨域配置
include /usr/local/nginx/conf/plugin/cors.conf;
# include /usr/local/nginx/conf/503.conf;
include /usr/local/nginx/conf/rewrite/none.conf;
include /usr/local/nginx/conf/rewrite/www.hzshuangmei.com.rewrite.conf;
include /usr/local/nginx/conf/guard_dedecms.conf;
# 屏蔽非法蜘蛛
include /usr/local/nginx/conf/plugin/anti_spam_bots.conf;
#include /usr/local/nginx/conf/http2_push/www.hzshuangmei.com.http2_push.conf;
# 禁止缓存文件
include /usr/local/nginx/conf/plugin/nocached.conf;
#pagespeed 配置
include /usr/local/nginx/conf/plugin/www.domain.com.pagespeed.conf;
#pc2mobile
include /usr/local/nginx/conf/plugin/pc2mobile.conf;
error_page 404 /404.html;
#error_page 502 /502.html;
# SSL 配置
ssl_stapling on;
ssl_certificate /etc/letsencrypt/acme/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/acme/hzshuangmei.com.key;
ssl_session_timeout 15m;
ssl_session_cache shared:SSL:50m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_prefer_server_ciphers on;
## Only requests to our Host are allowed
#if ($host !~* ^(www.hzshuangmei.com|m.hzshuangmei.com|hzshuangmei.com)$ ) {
# return 444;
#}
location ~ [^/]\.php(/|$) {
#fastcgi_pass remote_php_ip:9000;
fastcgi_pass unix:/dev/shm/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
location ~ .*\.(webm|webp|gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico|html)$ {
expires 360d;
access_log off;
log_not_found off;
}
location ~ .*\.(js|css)?$ {
expires 360d;
access_log off;
log_not_found off;
}
location ~ .*\.(html)$ {
expires 1d;
add_header Cache-Control max-age=86400;
}
location ~ /.well-known {
allow all;
}
location ~ /(\.user\.ini|\.ht|\.git|\.svn|\.project|LICENSE|README\.md) {
deny all;
}
location ~* favicon.ico {
log_not_found off;
access_log off;
expires 360d;
}
#网站日志
location /logs {
# logs dir
alias /alidata1/logs;
#open the function
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
add_header Cache-Control no-store;
}
location ~* \.(eot|ttf|woff|woff2|svg|webm)$ {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
}
}
然后再在虚拟主机配置文件(vhost/www.domain.com.conf
)文件中引入这个文件
include /usr/local/nginx/conf/pugin/antiSpamBots.conf;
移动端的配置文件酌情单独另行配置