Typecho Nginx 使用https加密访问实现方式（解决其他页面404问题）

躺平程序员老修

发布于 2023-09-05 15:35:47

4510

发布于 2023-09-05 15:35:47

文章被收录于专栏：躺平程序员老修

typecho nginx

本文假设你已经申请好了证书，并已经配置到服务器

在项目根目录下的配置文件config.inc.php中添加如下代码，让后台访问https资源，不加的话后台登录仍然访问http；

   define('__TYPECHO_SECURE__',true);

nginx配置文件中，在你解析443端口的server中，在localhost中添加如下代码，地址带参数跳转，不加会导致其他页面404；

            try_files $uri $uri/ /index.php?$query_string;
            if (!-e $request_filename){  
                rewrite ^/(.*) /index.php last;  
            }

例如：

    location ~ .*\.php(\/.*)*$ {
        try_files $uri $uri/ /index.php?$query_string;
        if (!-e $request_filename){
            rewrite ^/(.*) /index.php last;
        }
       ...
    }

在项目代码中header.php中加入如下代码，默认访问https（可选）；

    if ($_SERVER["HTTPS"] <> "on")
    {
        $xredir = "https://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
        header("Location: ".$xredir);
    }

附上 nginx https 的配置文件

server {
        listen       443 ssl http2 default_server;
        listen       [::]:443 ssl http2 default_server;
        server_name  localhost;
        root         /usr/share/nginx/html/YOURWEB;
        index index.html index.php index.htm;

        ssl_certificate "/usr/cert/YOURCERT.pem";
        ssl_certificate_key "/usr/cert/YOURCERT.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
       #ssl_ciphers HIGH:!aNULL:!MD5;
       #下面这句话可以防止某些浏览器出现 ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY 错误
        ssl_ciphers EECDH+AES128:HIGH:!aNULL:!MD5; 
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        # nginx rewrite
        if (-f $request_filename/index.html){
            rewrite (.*) $1/index.html break;
        }
        if (-f $request_filename/index.php){
            rewrite (.*) $1/index.php;
        }
        if (!-e $request_filename){
            rewrite (.*) /index.php;
        }


        location / {
            index index.html index.htm index.php;
        }

       #location ~ \.php$ {
        location ~ .*\.php(\/.*)*$ {
        # root /usr/share/nginx/html/public_html;

        try_files $uri $uri/ /index.php?$query_string;
        if (!-e $request_filename){
            rewrite ^/(.*) /index.php last;
        }

        #try_files $uri =404;
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

本文参与腾讯云自媒体同步曝光计划，分享自作者个人站点/博客。

如有侵权请联系 cloudcommunity@tencent.com 删除

php