#------------- SSL --------------

   server 
	{
		listen 80;
		#填写绑定证书的域名
		server_name www.xxxxx.com xxxx.com;
		#把http的域名请求转成https
		return 301 https://www.xxxxx.com$request_uri;
		#return 301 https://www.xxxxx.cn;
	}		
#------------- SSL ---------------
server
	{  
           #-----HTTPS template start------------
         listen 443 ssl;
         server_name www.xxxxx.com xxxxx.com;
         ssl_certificate      /usr/local/nginx/conf/ssl/xxxxx.crt;
         ssl_certificate_key /usr/local/nginx/conf/ssl/xxxxx.key;
         ssl_session_timeout 5m;
         ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
         ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
         ssl_prefer_server_ciphers on;
         root  /home/wwwroot/default;
         index index.html index.htm index.php;
           #-----HTTPS template start------------
        #error_page   404   /404.html;

        # Deny access to PHP files in specific directory
        #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

        include enable-php.conf;

        location /nginx_status
        {
            stub_status on;
            access_log   off;
        }

        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }

        location ~ .*\.(js|css)?$
        {
            expires      12h;
        }

        location ~ /.well-known {
            allow all;
        }

        location ~ /\.
        {
            deny all;
        }

        access_log  /home/wwwlogs/access.log;
	}