2019年1月

从这里得到的方案https://lala.im/4722.html
我安了盒子https://www.openos.org/post/274/
在/etc/nginx/sites-enabled找到了defuat文件
改为

server {

listen       80;
root /var/www;
index index.html index.php index.htm;
listen       443 ssl http2;
client_max_body_size 100000m;
server_name  yourdomain.com;
if ($server_port !~ 443){
    rewrite ^(/.*)$ https://$host$1 permanent;
}

ssl_certificate    /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key    /etc/letsencrypt/live/yourdomain.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
error_page 497  https://$host$request_uri;
     location @denied {
           return 301 https://$host$request_uri;
    }
    
    location / {
           try_files $uri $uri/ =404;
    }

    location /rutorrent {
           auth_basic "Restricted";
           auth_basic_user_file /etc/nginx/.htpasswd;
           include /etc/nginx/conf.d/php;
           include /etc/nginx/conf.d/cache;
    }

    include /etc/nginx/sites-available/dload-loc;

    location ~ /\.ht {
            deny all;
    }    

}