HTTPS访问配置方案
# HTTPS server # server { listen 443 ssl; server_name www.zj***.com zj***.com; ssl_certificate /usr/local/nginx/sslkey/zj***.com_bundle.crt; ssl_certificate_key /usr/local/nginx/sslkey/zj***.com.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDH:AESGCM:HIGH:!RC4:!DH:!MD5:!aNULL:!eNULL; ssl_prefer_server_ciphers on; location / { root html; index index.html index.htm; if ($http_user_agent ~* "java|python|perl|ruby|curl|bash|echo|uname|base64|decode|md5sum|select|concat|httprequest|nmap|scan" ) { return 403; } # proxy_pass http://localhost:8080; proxy_pass http://mydomain.com; proxy_buffer_size 128k; proxy_buffers 32 128k; proxy_busy_buffers_size 128k; proxy_temp_file_write_size 64m; } }