code review by fei.hong: do add login support https modify nginx config

@@ -428,6 +428,14 @@ server
 #    add_header  X-Frame-Options  deny;
 #    add_header  X-Content-Type-Options  nosniff;
 
+    location = / {
+        return 301 http://m.yohobuy.com;
+    }
+
+    location = /error.html {
+        return 301 http://m.yohobuy.com/error.html;
+    }
+    
     location / {
         proxy_redirect off;
         proxy_pass http://yohobuy;
@@ -456,10 +464,4 @@ server
     location =/crossdomain.xml {
         expires    30d;
     }
-    location =/sitemap.xml {
-        expires    1d;
-    }
-    location =/robots.txt {
-        expires    1d;
-    }
 }

@@ -26,28 +26,34 @@ server
 
     # 账户相关
     location = /reg.html {
-        proxy_redirect off;
-        proxy_pass http://yohobuy;
-        proxy_set_header   Host   $host;
-        proxy_set_header   X-Real-IP  $remote_addr;
-        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header   Accept-Encoding "gzip";
+        return 301 https://$server_name$request_uri;
+
+#        proxy_redirect off;
+#        proxy_pass http://yohobuy;
+#        proxy_set_header   Host   $host;
+#        proxy_set_header   X-Real-IP  $remote_addr;
+#        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+#        proxy_set_header   Accept-Encoding "gzip";
     }
     location = /signin.html {
-        proxy_redirect off;
-        proxy_pass http://yohobuy;
-        proxy_set_header   Host   $host;
-        proxy_set_header   X-Real-IP  $remote_addr;
-        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header   Accept-Encoding "gzip";
+        return 301 https://$server_name$request_uri;
+
+#        proxy_redirect off;
+#        proxy_pass http://yohobuy;
+#        proxy_set_header   Host   $host;
+#        proxy_set_header   X-Real-IP  $remote_addr;
+#        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+#        proxy_set_header   Accept-Encoding "gzip";
     }
     location = /login.html {
-        proxy_redirect off;
-        proxy_pass http://yohobuy;
-        proxy_set_header   Host   $host;
-        proxy_set_header   X-Real-IP  $remote_addr;
-        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header   Accept-Encoding "gzip";
+        return 301 https://$server_name$request_uri;
+
+#        proxy_redirect off;
+#        proxy_pass http://yohobuy;
+#        proxy_set_header   Host   $host;
+#        proxy_set_header   X-Real-IP  $remote_addr;
+#        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+#        proxy_set_header   Accept-Encoding "gzip";
     }
     location = /emailback.html {
         proxy_redirect off;
@@ -466,12 +472,32 @@ server
 
 server
 {
-     listen       443;
-     server_name  login.m.yohobuy.com cart.m.yohobuy.com;
-     ssl on;
-     ssl_certificate     /Data/local/nginx-1.8.0/ssl/server.crt;
-     ssl_certificate_key  /Data/local/nginx-1.8.0/ssl/server.key;
-     root  /Data/PE/yohobuy/yohobuy/m.yohobuy.com/public;
+    listen       443 ssl;
+    server_name  login.m.yohobuy.com;
+    root  /Data/PE/yohobuy_H5/yohobuy/m.yohobuy.com/public;
+
+    ssl_certificate      /home/hf/ssl/server.crt;
+    ssl_certificate_key  /home/hf/ssl/server.key;
+    ssl_dhparam          /home/hf/ssl/dhparams.pem;
+
+    ssl_prefer_server_ciphers  on;
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+    ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:DES-CBC3-SHA";
+    ssl_session_tickets off;
+    ssl_session_cache shared:SSL:10m;
+
+#    add_header  Strict-Transport-Security  "max-age=31536000";
+#    add_header  X-Frame-Options  deny;
+#    add_header  X-Content-Type-Options  nosniff;
+
+    #
+    location = / {
+        return 301 http://m.yohobuy.com;
+    }
+
+    location = /error.html {
+        return 301 http://m.yohobuy.com/error.html;
+    }
     
     location / {
         proxy_redirect off;
@@ -482,16 +508,23 @@ server
         proxy_set_header   Accept-Encoding "gzip";
     }
 
+    location ^~ /dist/ {
+        proxy_redirect off;
+        proxy_set_header   X-Real-IP  $remote_addr;
+        proxy_pass http://cdn.yoho.cn/;
+    }
+
+    location = /Passport/session/index {
+        proxy_redirect off;
+        proxy_set_header   X-Real-IP  $remote_addr;
+        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_pass http://mapi.yohobuy.com;
+    }
+
     location ~* \.(ico|woff|svg|eot|ttf|otf)$ {
         expires    30d;
     }
     location =/crossdomain.xml {
         expires    30d;
     }
-    location =/sitemap.xml {
-        expires    1d;
-    }
-    location =/robots.txt {
-        expires    1d;
-    }
 }