Authored by hf

code review by fei.hong: do add login support https modify nginx config

... ... @@ -428,6 +428,14 @@ server
# add_header X-Frame-Options deny;
# add_header X-Content-Type-Options nosniff;
location = / {
return 301 http://m.yohobuy.com;
}
location = /error.html {
return 301 http://m.yohobuy.com/error.html;
}
location / {
proxy_redirect off;
proxy_pass http://yohobuy;
... ... @@ -456,10 +464,4 @@ server
location =/crossdomain.xml {
expires 30d;
}
location =/sitemap.xml {
expires 1d;
}
location =/robots.txt {
expires 1d;
}
}
... ...
... ... @@ -26,28 +26,34 @@ server
# 账户相关
location = /reg.html {
proxy_redirect off;
proxy_pass http://yohobuy;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "gzip";
return 301 https://$server_name$request_uri;
# proxy_redirect off;
# proxy_pass http://yohobuy;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header Accept-Encoding "gzip";
}
location = /signin.html {
proxy_redirect off;
proxy_pass http://yohobuy;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "gzip";
return 301 https://$server_name$request_uri;
# proxy_redirect off;
# proxy_pass http://yohobuy;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header Accept-Encoding "gzip";
}
location = /login.html {
proxy_redirect off;
proxy_pass http://yohobuy;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "gzip";
return 301 https://$server_name$request_uri;
# proxy_redirect off;
# proxy_pass http://yohobuy;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header Accept-Encoding "gzip";
}
location = /emailback.html {
proxy_redirect off;
... ... @@ -466,14 +472,34 @@ server
server
{
listen 443;
server_name login.m.yohobuy.com cart.m.yohobuy.com;
ssl on;
ssl_certificate /Data/local/nginx-1.8.0/ssl/server.crt;
ssl_certificate_key /Data/local/nginx-1.8.0/ssl/server.key;
root /Data/PE/yohobuy/yohobuy/m.yohobuy.com/public;
listen 443 ssl;
server_name login.m.yohobuy.com;
root /Data/PE/yohobuy_H5/yohobuy/m.yohobuy.com/public;
location / {
ssl_certificate /home/hf/ssl/server.crt;
ssl_certificate_key /home/hf/ssl/server.key;
ssl_dhparam /home/hf/ssl/dhparams.pem;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:DES-CBC3-SHA";
ssl_session_tickets off;
ssl_session_cache shared:SSL:10m;
# add_header Strict-Transport-Security "max-age=31536000";
# add_header X-Frame-Options deny;
# add_header X-Content-Type-Options nosniff;
#
location = / {
return 301 http://m.yohobuy.com;
}
location = /error.html {
return 301 http://m.yohobuy.com/error.html;
}
location / {
proxy_redirect off;
proxy_pass http://yohobuy;
proxy_set_header Host $host;
... ... @@ -482,16 +508,23 @@ server
proxy_set_header Accept-Encoding "gzip";
}
location ^~ /dist/ {
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://cdn.yoho.cn/;
}
location = /Passport/session/index {
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://mapi.yohobuy.com;
}
location ~* \.(ico|woff|svg|eot|ttf|otf)$ {
expires 30d;
}
location =/crossdomain.xml {
expires 30d;
}
location =/sitemap.xml {
expires 1d;
}
location =/robots.txt {
expires 1d;
}
}
... ...