微信扫描,分享到朋友圈和群
WordPress启用HTTPS同时支持WindowsLiveWriter配置
一直都习惯使用WindowsLiveWriter发日志,开启HTTPS后发现WindowsLiveWriter用不了,推测是WLW不支持HTTPS的原因。于是重新审视“.httpaccess”文件,最终使用如下配置支持全站HTTPS和WLW继续使用。
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} !(^codefine\.site$)
RewriteRule (.*) https://codefine\.site%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTPS} !^on$ [NC]
RewriteCond %{REQUEST_URI} !/xmlrpc.php
RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
WLW使用的是http://codefine.site/xmlrpc.php,将该地址在condition中设置为不重定向即可。
如果是nginx,则使用nginx的location rule来定制Wordpress的配置。
server {
listen 80;
listen 12520;
root /opt/codefine.site/;
index index.php index.html index.htm;
server_name codefine.site www.codefine.site;
client_max_body_size 200m;
set $is_wlm 0;
location / {
if ($http_user_agent ~ "Mozilla/4.0\ \(compatible;\ MSIE\ 9.11;\ Windows\ NT\ 6.2;\ Windows\ Live\ Writer\ 1.0\)") {
set $is_wlm 1;
}
if ( $is_wlm = 0 ) {
rewrite ^/(.*)$ https://codefine.site/$1 permanent;
}
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
if ($http_user_agent ~ "Mozilla/4.0\ \(compatible;\ MSIE\ 9.11;\ Windows\ NT\ 6.2;\ Windows\ Live\ Writer\ 1.0\)") {
set $is_wlm 1;
}
if ( $is_wlm = 0 ) {
rewrite ^/(.*)$ https://codefine.site/$1 permanent;
}
include fastcgi-php.conf;
fastcgi_pass unix:/var/run/php7.sock/unix.sock;
}
}
server {
listen 443 ssl;
root /opt/codefine.site/;
index index.php index.html index.htm;
server_name codefine.site;
client_max_body_size 200m;
ssl_certificate /etc/nginx/sslcerts/server.pem;
ssl_certificate_key /etc/nginx/sslcerts/private.pem;
ssl_protocols TLSv1.2;
ssl_session_cache shared:SSL:10m;
ssl_stapling on;
ssl_stapling_verify on;
ssl_prefer_server_ciphers on;
#ssl_ciphers 'AES128+EECDH:AES128+EDH:!aNULL';
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
gzip on;
gzip_vary on;
gzip_comp_level 6;
gzip_types text/plain text/xml image/svg+xml # text/html in core already.
application/rss+xml application/atom+xml application/xhtml+xml
text/css application/json application/x-javascript
application/font-otf application/font-ttf;
# Do not allow public access to private cache directory.
if ($uri ~* /wp\-content/cache/comet\-cache/cache(?:/|$)) {
return 403;
}
# Do not allow public access to private cache directory.
if ($uri ~* /wp\-content/cache/comet\-cache/htmlc/private(?:/|$)) {
return 403;
}
if ($host != 'codefine.site' ) {
rewrite ^/(.*)$ https://codefine.site/$1 permanent;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include fastcgi-php.conf;
fastcgi_pass 172.17.0.1:9000;
}
}
另外隐藏php header,在fast-cgi.conf中添加:
# Hide PHP headers
fastcgi_hide_header X-Powered-By;
fastcgi_hide_header X-CF-Powered-By;