Nginx proxy https site (closed test), nginxhttps
Nginx proxy https site (test)
First of all, I believe that you have completed the nginx normal proxy http site method. The following describes the configuration of the proxy https site and the precautions, at present, most websites need to switch to https, so it is also very important to learn this method. I will not go straight to the topic ..................
Test Environment
NginxNginx/1.6.3
Php 5.5.38
Mysql 5.5.32
Premise: the backend web node can listen to port 80,443 at the same time (the site can access http and https normally through the web node). There are a lot of methods for configuring https on the Internet, you can use Baidu to generate an ssl free certificate to build an https web site. If you parse the ip address of the web machine, you can achieve http and https access respectively. (Note: the web node does not set rewrite rules to automatically redirect http to https) (if you do not need nginx as a web proxy, the web node must configure the rewrite rule in the location field to automatically redirect http to https)
Attach the backend web nginx configuration file (phpadmin.ff.com)
The focus is on
The Nginx proxy has enabled both 80 and 443 and configured the listener to be similar to the backend web node. Here we use the phpadmin.ff.com domain name to test the nginx proxy configuration as follows:
Nginx. conf
To make it easier for my upstream to include only one web node and another one for backup, note that my upstream does not include the following information on the backend: 443.
(Include) Phpadmin. conf configuration (note the Red Arrow section, if you do not add this rule, you must manually enter the https://phpadmin.ff.com to access https, but cannot achieve http to https automatic jump)
The note here is to achieve http access to https automatic switch, if you do not add this rewrite need to manually enter https://phpadmin.ff.com access,
Summary:
1. The default port number of the upstream defined by nginx during http proxy is 80 (so accurately speaking, upstream is not the default port, but 80 is only part of the nginx proxy)
2. When nginx is used as an https proxy, the default upstream is https protocol access port 443.
3. If the web provides https http services externally, configure https and http rewrite on the web.
4. If the nginx proxy provides https http service externally, configure https and http on the nginx proxy for rewrite. The two cannot do rewrite at the same time. Otherwise, the access log will pop up and redirect an endless loop.
Currently, the problem is that there is no incomplete display of phpadmin https content, and images and some webpage design content (only text is displayed) cannot be displayed during discuz and WordPress ), this may be related to the content encrypted by the https protocol. Currently, only Google has used https to process all the content. Generally, https is automatically redirected during login and transaction (nginx rewrite Based on the extension can be used)