wangshusheng / YOHOBUYPC · Commits

Go to a project

Authored by hf
Commit 8ef8d119640c6b7a0dc9fc400bfaabc9c74bd686 1 parent 915a13d3

code review by fei.hong: do add login support https modify nginx config

Inline Side-by-side
Showing 2 changed files with 71 additions and 36 deletions
@@ -428,6 +428,14 @@ server @@ -428,6 +428,14 @@ server
428 # add_header X-Frame-Options deny; 428 # add_header X-Frame-Options deny;
429 # add_header X-Content-Type-Options nosniff; 429 # add_header X-Content-Type-Options nosniff;
430 430
  431 + location = / {
  432 + return 301 http://m.yohobuy.com;
  433 + }
  434 +
  435 + location = /error.html {
  436 + return 301 http://m.yohobuy.com/error.html;
  437 + }
  438 +
431 location / { 439 location / {
432 proxy_redirect off; 440 proxy_redirect off;
433 proxy_pass http://yohobuy; 441 proxy_pass http://yohobuy;
@@ -456,10 +464,4 @@ server @@ -456,10 +464,4 @@ server
456 location =/crossdomain.xml { 464 location =/crossdomain.xml {
457 expires 30d; 465 expires 30d;
458 } 466 }
459 - location =/sitemap.xml {  
460 - expires 1d;  
461 - }  
462 - location =/robots.txt {  
463 - expires 1d;  
464 - }  
465 } 467 }
@@ -26,28 +26,34 @@ server @@ -26,28 +26,34 @@ server
26 26
27 # 账户相关 27 # 账户相关
28 location = /reg.html { 28 location = /reg.html {
29 - proxy_redirect off;  
30 - proxy_pass http://yohobuy;  
31 - proxy_set_header Host $host;  
32 - proxy_set_header X-Real-IP $remote_addr;  
33 - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  
34 - proxy_set_header Accept-Encoding "gzip"; 29 + return 301 https://$server_name$request_uri;
  30 +
  31 +# proxy_redirect off;
  32 +# proxy_pass http://yohobuy;
  33 +# proxy_set_header Host $host;
  34 +# proxy_set_header X-Real-IP $remote_addr;
  35 +# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  36 +# proxy_set_header Accept-Encoding "gzip";
35 } 37 }
36 location = /signin.html { 38 location = /signin.html {
37 - proxy_redirect off;  
38 - proxy_pass http://yohobuy;  
39 - proxy_set_header Host $host;  
40 - proxy_set_header X-Real-IP $remote_addr;  
41 - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  
42 - proxy_set_header Accept-Encoding "gzip"; 39 + return 301 https://$server_name$request_uri;
  40 +
  41 +# proxy_redirect off;
  42 +# proxy_pass http://yohobuy;
  43 +# proxy_set_header Host $host;
  44 +# proxy_set_header X-Real-IP $remote_addr;
  45 +# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  46 +# proxy_set_header Accept-Encoding "gzip";
43 } 47 }
44 location = /login.html { 48 location = /login.html {
45 - proxy_redirect off;  
46 - proxy_pass http://yohobuy;  
47 - proxy_set_header Host $host;  
48 - proxy_set_header X-Real-IP $remote_addr;  
49 - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  
50 - proxy_set_header Accept-Encoding "gzip"; 49 + return 301 https://$server_name$request_uri;
  50 +
  51 +# proxy_redirect off;
  52 +# proxy_pass http://yohobuy;
  53 +# proxy_set_header Host $host;
  54 +# proxy_set_header X-Real-IP $remote_addr;
  55 +# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  56 +# proxy_set_header Accept-Encoding "gzip";
51 } 57 }
52 location = /emailback.html { 58 location = /emailback.html {
53 proxy_redirect off; 59 proxy_redirect off;
@@ -466,12 +472,32 @@ server @@ -466,12 +472,32 @@ server
466 472
467 server 473 server
468 { 474 {
469 - listen 443;  
470 - server_name login.m.yohobuy.com cart.m.yohobuy.com;  
471 - ssl on;  
472 - ssl_certificate /Data/local/nginx-1.8.0/ssl/server.crt;  
473 - ssl_certificate_key /Data/local/nginx-1.8.0/ssl/server.key;  
474 - root /Data/PE/yohobuy/yohobuy/m.yohobuy.com/public; 475 + listen 443 ssl;
  476 + server_name login.m.yohobuy.com;
  477 + root /Data/PE/yohobuy_H5/yohobuy/m.yohobuy.com/public;
  478 +
  479 + ssl_certificate /home/hf/ssl/server.crt;
  480 + ssl_certificate_key /home/hf/ssl/server.key;
  481 + ssl_dhparam /home/hf/ssl/dhparams.pem;
  482 +
  483 + ssl_prefer_server_ciphers on;
  484 + ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  485 + ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:DES-CBC3-SHA";
  486 + ssl_session_tickets off;
  487 + ssl_session_cache shared:SSL:10m;
  488 +
  489 +# add_header Strict-Transport-Security "max-age=31536000";
  490 +# add_header X-Frame-Options deny;
  491 +# add_header X-Content-Type-Options nosniff;
  492 +
  493 + #
  494 + location = / {
  495 + return 301 http://m.yohobuy.com;
  496 + }
  497 +
  498 + location = /error.html {
  499 + return 301 http://m.yohobuy.com/error.html;
  500 + }
475 501
476 location / { 502 location / {
477 proxy_redirect off; 503 proxy_redirect off;
@@ -482,16 +508,23 @@ server @@ -482,16 +508,23 @@ server
482 proxy_set_header Accept-Encoding "gzip"; 508 proxy_set_header Accept-Encoding "gzip";
483 } 509 }
484 510
  511 + location ^~ /dist/ {
  512 + proxy_redirect off;
  513 + proxy_set_header X-Real-IP $remote_addr;
  514 + proxy_pass http://cdn.yoho.cn/;
  515 + }
  516 +
  517 + location = /Passport/session/index {
  518 + proxy_redirect off;
  519 + proxy_set_header X-Real-IP $remote_addr;
  520 + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  521 + proxy_pass http://mapi.yohobuy.com;
  522 + }
  523 +
485 location ~* \.(ico|woff|svg|eot|ttf|otf)$ { 524 location ~* \.(ico|woff|svg|eot|ttf|otf)$ {
486 expires 30d; 525 expires 30d;
487 } 526 }
488 location =/crossdomain.xml { 527 location =/crossdomain.xml {
489 expires 30d; 528 expires 30d;
490 } 529 }
491 - location =/sitemap.xml {  
492 - expires 1d;  
493 - }  
494 - location =/robots.txt {  
495 - expires 1d;  
496 - }  
497 } 530 }