无限重定向-nginx
Infinite redirect - nginx
我似乎遇到了 nginx 无限重定向的问题。这半个小时左右让我发疯,因为我无法确定无限重定向发生的位置。
虚拟主机:
Server ID : SuperUser Shell : sites-available/ > # cat example.com-ssl
server {
listen 80;
server_name www.example.com example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
server_name example.com;
return 301 https://www.example.com$request_uri;
# This is for troubleshooting
access_log /var/log/nginx/www.example.com/access.log;
error_log /var/log/nginx/www.example.com/error.log debug;
}
server {
listen 443 default_server ssl;
server_name www.example.com;
ssl on;
ssl_certificate /etc/ssl/certs/www.example.com/2017/www.example.com.crt;
ssl_certificate_key /etc/ssl/certs/www.example.com/2017/www.example.com.key;
ssl_trusted_certificate /etc/ssl/certs/www.example.com/2017/www.example.com.ca-bundle;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_dhparam /etc/ssl/certs/www.example.com/2017/dhparam.pem;
add_header Strict-Transport-Security "max-age=63072000; includeSubexamples; ";
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:2368;
}
access_log /var/log/nginx/www.example.com/access.log;
error_log /var/log/nginx/www.example.com/error.log;
}
Server ID : SuperUser Shell : sites-available/ > #
附加信息:
我还应该指出,这是一个幽灵博客服务器,我已经更新 config.js 以反映 https 而不是 http:
Server ID : SuperUser Shell : ghost/ > # cat config.js
// # Ghost Configuration
// Setup your Ghost install for various [environments](http://support.ghost.org/config/#about-environments).
// Ghost runs in `development` mode by default. Full documentation can be found at http://support.ghost.org/config/
var path = require('path'),
config;
config = {
// ### Production
production: {
url: 'https://www.example.com',
mail: {},
database: {
client: 'sqlite3',
connection: {
filename: path.join(__dirname, '/content/data/ghost.db')
},
debug: false
},
server: {
host: '0.0.0.0',
port: '2368'
}
},
// ### Development **(default)**
development: {
url: 'https://www.example.com',
database: {
client: 'sqlite3',
connection: {
filename: path.join(__dirname, '/content/data/ghost-dev.db')
},
debug: false
},
},
...
Server ID : SuperUser Shell : ghost/ > #
我还使用 pm2 重新启动了这个 java 进程(我用来保持 ghost 运行 的)。我什至停止了进程并重新启动它
cURL 输出:
... Same thing as below for 49 times
* Ignoring the response-body
* Connection #0 to host www.example.com left intact
* Issue another request to this URL: 'https://www.example.com/'
* Found bundle for host www.example.com: 0x263b920
* Re-using existing connection! (#0) with host www.example.com
* Connected to www.example.com (123.45.67.89) port 443 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: www.example.com
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
* Server nginx/1.4.6 (Ubuntu) is not blacklisted
< Server: nginx/1.4.6 (Ubuntu)
< Date: Sat, 26 Nov 2016 08:56:23 GMT
< Content-Type: text/plain; charset=utf-8
< Content-Length: 63
< Connection: keep-alive
< X-Powered-By: Express
< Location: https://www.example.com/
< Vary: Accept, Accept-Encoding
< Strict-Transport-Security: max-age=63072000; includeSubdomains;
<
* Ignoring the response-body
* Connection #0 to host www.bestredflags.com left intact
* Maximum (50) redirects followed
问题:
- 有没有人看出我在哪里犯了错误?
- 我将我的 nginx 配置从我的 RHEL 7.3 服务器 运行
nginx version: nginx/1.10.2(没有问题)复制到我的 Ubuntu 14.04 运行 nginx version: nginx/1.4.6 (Ubuntu)这可能是我问题的一部分吗?
- 在推送 vHost 配置更改之前,我没有收到来自
nginx -t 的错误。
- 这让我认为我的 vHost 没有问题,但 vHost 配置错误似乎也是合乎逻辑的选择。
- 我之前想知道的是,这在 nginx 中似乎比在 apache 中重定向
null 到 www 到 https://www 要长得多。 我这样做是否适合 nginx?
我希望这不是太多信息。我绝对不想提供太少的信息。
感谢您的帮助/指点。
这真是太尴尬了,但我在比较配置时发现我的生产服务器 ghost 不需要在 config.js 中指定 https。这导致了我的第一个无限重定向循环。
PROD : SuperUser Shell : ghost/ > # grep sitename config.js
url: 'http://www.sitename.com',
url: 'http://www.sitename.com',
PROD : SuperUser Shell : ghost/ > #
其次,我在重新启用 DNS 保护时收到了来自 CloudFlare 的另一个重定向循环
- 要更正此问题,请转到“概述”选项卡 >“设置摘要”> 单击“SSL”并将 SSL 从 "Flexible " 更改为 "Full (Strict)"。
我似乎遇到了 nginx 无限重定向的问题。这半个小时左右让我发疯,因为我无法确定无限重定向发生的位置。
虚拟主机:
Server ID : SuperUser Shell : sites-available/ > # cat example.com-ssl
server {
listen 80;
server_name www.example.com example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
server_name example.com;
return 301 https://www.example.com$request_uri;
# This is for troubleshooting
access_log /var/log/nginx/www.example.com/access.log;
error_log /var/log/nginx/www.example.com/error.log debug;
}
server {
listen 443 default_server ssl;
server_name www.example.com;
ssl on;
ssl_certificate /etc/ssl/certs/www.example.com/2017/www.example.com.crt;
ssl_certificate_key /etc/ssl/certs/www.example.com/2017/www.example.com.key;
ssl_trusted_certificate /etc/ssl/certs/www.example.com/2017/www.example.com.ca-bundle;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_dhparam /etc/ssl/certs/www.example.com/2017/dhparam.pem;
add_header Strict-Transport-Security "max-age=63072000; includeSubexamples; ";
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:2368;
}
access_log /var/log/nginx/www.example.com/access.log;
error_log /var/log/nginx/www.example.com/error.log;
}
Server ID : SuperUser Shell : sites-available/ > #
附加信息:
我还应该指出,这是一个幽灵博客服务器,我已经更新 config.js 以反映 https 而不是 http:
Server ID : SuperUser Shell : ghost/ > # cat config.js
// # Ghost Configuration
// Setup your Ghost install for various [environments](http://support.ghost.org/config/#about-environments).
// Ghost runs in `development` mode by default. Full documentation can be found at http://support.ghost.org/config/
var path = require('path'),
config;
config = {
// ### Production
production: {
url: 'https://www.example.com',
mail: {},
database: {
client: 'sqlite3',
connection: {
filename: path.join(__dirname, '/content/data/ghost.db')
},
debug: false
},
server: {
host: '0.0.0.0',
port: '2368'
}
},
// ### Development **(default)**
development: {
url: 'https://www.example.com',
database: {
client: 'sqlite3',
connection: {
filename: path.join(__dirname, '/content/data/ghost-dev.db')
},
debug: false
},
},
...
Server ID : SuperUser Shell : ghost/ > #
我还使用 pm2 重新启动了这个 java 进程(我用来保持 ghost 运行 的)。我什至停止了进程并重新启动它
cURL 输出:
... Same thing as below for 49 times
* Ignoring the response-body
* Connection #0 to host www.example.com left intact
* Issue another request to this URL: 'https://www.example.com/'
* Found bundle for host www.example.com: 0x263b920
* Re-using existing connection! (#0) with host www.example.com
* Connected to www.example.com (123.45.67.89) port 443 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: www.example.com
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
* Server nginx/1.4.6 (Ubuntu) is not blacklisted
< Server: nginx/1.4.6 (Ubuntu)
< Date: Sat, 26 Nov 2016 08:56:23 GMT
< Content-Type: text/plain; charset=utf-8
< Content-Length: 63
< Connection: keep-alive
< X-Powered-By: Express
< Location: https://www.example.com/
< Vary: Accept, Accept-Encoding
< Strict-Transport-Security: max-age=63072000; includeSubdomains;
<
* Ignoring the response-body
* Connection #0 to host www.bestredflags.com left intact
* Maximum (50) redirects followed
问题:
- 有没有人看出我在哪里犯了错误?
- 我将我的 nginx 配置从我的 RHEL 7.3 服务器 运行
nginx version: nginx/1.10.2(没有问题)复制到我的 Ubuntu 14.04 运行nginx version: nginx/1.4.6 (Ubuntu)这可能是我问题的一部分吗?- 在推送 vHost 配置更改之前,我没有收到来自
nginx -t的错误。 - 这让我认为我的 vHost 没有问题,但 vHost 配置错误似乎也是合乎逻辑的选择。
- 在推送 vHost 配置更改之前,我没有收到来自
- 我之前想知道的是,这在 nginx 中似乎比在 apache 中重定向
null到www到https://www要长得多。 我这样做是否适合 nginx?
我希望这不是太多信息。我绝对不想提供太少的信息。
感谢您的帮助/指点。
这真是太尴尬了,但我在比较配置时发现我的生产服务器 ghost 不需要在 config.js 中指定 https。这导致了我的第一个无限重定向循环。
PROD : SuperUser Shell : ghost/ > # grep sitename config.js
url: 'http://www.sitename.com',
url: 'http://www.sitename.com',
PROD : SuperUser Shell : ghost/ > #
其次,我在重新启用 DNS 保护时收到了来自 CloudFlare 的另一个重定向循环
- 要更正此问题,请转到“概述”选项卡 >“设置摘要”> 单击“SSL”并将 SSL 从 "Flexible " 更改为 "Full (Strict)"。