nginx

安装

安装依赖

yum install gcc;
yum install pcre-devel;
yum install zlib zlib-devel;
yum install openssl openssl-devel;

下载最新稳定版并解压

wget https://nginx.org/download/nginx-1.16.1.tar.gz
tar -zxvf nginx-1.16.1.tar.gz

编译 安装

cd nginx-1.16.1/
#生成makefile，设置安装目录并配置ssl模块
./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_stub_status_module --with-http_ssl_module
#编译安装
make && make install

启动 停止

cd /usr/local/nginx/sbin/
./nginx     #启动
pkill -9 nginx    #关闭

配置https，域名统一跳转至www域名

修改nginx配置文件路径/usr/local/nginx/conf/nginx.conf

vim /usr/local/nginx/conf/nginx.conf

笔者配置如下，将80和443不带www域名全部301永久重定向到https://www.kserver.club

server {
     listen 443; #监听443端口（https默认端口）
     server_name kserver.club;
     add_header Strict-Transport-Security "max-age=31536000";
     return 301 https://www.kserver.club$request_uri;
}

server {
     listen 443 default_server ssl; #监听443端口（https默认端口）
     server_name www.kserver.club;
     add_header Strict-Transport-Security "max-age=31536000";
     ssl_certificate /usr/local/nginx/mykey/kserver.club.pem; #填写你的证书所在的位置
     ssl_certificate_key /usr/local/nginx/mykey/kserver.club.key; #填写你的key所在的位置
     ssl_session_timeout 5m;
     ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256::!MD5;
     ssl_protocols TLSv1.3 TLSv1.1 TLSv1.2;
     ssl_prefer_server_ciphers on;
     location / {
             proxy_pass http://127.0.0.1:8081;
     }
}
 server {
     listen       80;
     server_name  kserver.club,www.kserver.club;
     return 301 https://www.kserver.club$request_uri;
 }

百度https，站长工具9分通过