discuz更新https证书

作者: xahy 分类: 笔记 发布时间: 2019-07-18 16:05

上篇说到了需要迁移下服务器,

看了下 https 证书也快过期了,

就顺便也一起更新了一下。

  • 先去 https://freessl.cn 申请了一张免费证书:操作一波、证书下来后,将证书上传到服务器上。
  • 然后调整服务相关配置代码
server
    {
        listen 80;
        server_name  798wd.com www.798wd.com;
        rewrite ^(.*)$  https://$host$1   permanent;
    }

server
    {
        listen 443;
        server_name  798wd.com www.798wd.com;
        ssl_certificate /data/ssl/wd798.www.com/full_chain.pem;
        ssl_certificate_key /data/ssl/wd798.www.com/private.key;

        root  /data/web/upload;
        index index.html index.htm index.php default.html default.php;
        include /data/conf/rewrite/wd798/798wd.com.rewrite;

        ssl_session_timeout 5m;
        ssl_prefer_server_ciphers on;
        ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;


        access_log  /data/wwwlogs/wd798-com-access.log main;
        error_log /data/wwwlogs/wd798-com-error.log;

  
        error_page 403  400 404 /404.html;
        location = /404.html {
            #放错误页面的目录路径。
            root /data/web;
        }

        # Deny access to PHP files in specific directory
        #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

        include enable-php.conf;

        location /nginx_status
        {
            stub_status on;
            access_log   off;
        }


        location = /favicon.ico {
            log_not_found off; access_log off;
        }

        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }

        location ~ .*\.(js|css)?$
        {
            expires      12h;
        }

        location ~ /.well-known {
            allow all;
        }

        location ~ /\.
        {
            deny all;
        }

    }

 

  • nginx -t 检查是否存在配置错误
  • nginx -s reload  重启服务

 

 

发表评论

电子邮件地址不会被公开。 必填项已用*标注