##HTTPS server##
server {
listen 443;
server_name www.shabi.com;
ssl on;
index index.php index.html index.htm;
root /opt/shabi/public;
ssl_certificate /usr/cert/214065765590674.pem;
ssl_certificate_key /usr/cert/214068785980674.key;
ssl_session_timeout 15m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_prefer_server_ciphers on;
error_page 404 /404.html;
include enable-php.conf;
# ###ssl加密格式###proxy_set_header X-SSL-Client-Cert $ssl_client_cert;
location /
{
index index.php index.html index.htm;
root /opt/shabi/public;
try_files $uri $uri/ /index.php?$query_string;
}
location /nginx_status
{
stub_status on;
access_log off;
}
location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*.(js|css)?$
{
expires 12h;
}
location ~ /.
{
deny all;
}
access_log /tmp/nginxlog/www/access.log;
}