码迷,mamicode.com
首页 > 其他好文 > 详细

Nginx配置SSL

时间:2018-02-27 17:48:14      阅读:104      评论:0      收藏:0      [点我收藏+]

标签:out   buffer   can   nmap   undle   base   list   base64   temp   

HTTPS访问配置方案

# HTTPS server
#
server {
    listen       443 ssl;
    server_name www.zj***.com zj***.com;

    ssl_certificate      /usr/local/nginx/sslkey/zj***.com_bundle.crt;
    ssl_certificate_key  /usr/local/nginx/sslkey/zj***.com.key;

    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout  5m;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
    ssl_ciphers ECDH:AESGCM:HIGH:!RC4:!DH:!MD5:!aNULL:!eNULL;
    ssl_prefer_server_ciphers on;

    location / {
        root html;
        index index.html index.htm;
        if ($http_user_agent ~* "java|python|perl|ruby|curl|bash|echo|uname|base64|decode|md5sum|select|concat|httprequest|nmap|scan" ) {
                return 403;
        }
        # proxy_pass http://localhost:8080;
        proxy_pass http://mydomain.com;
        proxy_buffer_size 128k;
        proxy_buffers   32 128k;
        proxy_busy_buffers_size 128k;
        proxy_temp_file_write_size 64m;
    }
}

 

Nginx配置SSL

标签:out   buffer   can   nmap   undle   base   list   base64   temp   

原文地址:https://www.cnblogs.com/chenjianxiang/p/8479550.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!