-
Notifications
You must be signed in to change notification settings - Fork 1
/
nginx.conf
59 lines (48 loc) · 1.64 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
server {
listen 80;
listen 443 ssl;
server_name local.es3.com;
#强制 https 访问
if ($scheme = http ) {
return 301 https://$server_name$request_uri;
}
# https 配置
ssl_certificate server.crt;
ssl_certificate_key server.key;
#缓存池,缓存大小设置为20M,大概能放下 80000 个会话
ssl_session_cache shared:SSL:20m;
#缓存时间
ssl_session_timeout 10m;
#只启用 TLS 系列协议
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#按照这个套件配置
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE:!kEDH;
ssl_prefer_server_ciphers on;
#启用 HSTS 用于通知浏览器强制使用 https 通信
add_header Strict-Transport-Security "max-age=31536000";
resolver 8.8.8.8 8.8.4.4;
#隐藏有关 Web 服务器的信息
server_tokens off;
location / {
root /Users/Neo/projects/ZYallers/easyswoole3/Public;
index index.html;
if (!-e $request_filename) {
proxy_pass http://127.0.0.1:9502;
}
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
}
error_page 500 501 502 503 504 /50x.html;
location = /50x.html {
root /usr/local/etc/nginx/html/error_page;
}
error_page 400 403 404 405 408 410 412 413 414 415 /40x.html;
location = /40x.html {
root /usr/local/etc/nginx/html/error_page;
}
}