安装 letsencrypt 后如何修复路由器上的 404 nginx 错误
How to fix 404 nginx error on routers after letsencrypt installation
我正在 vestaCP+NGINX+php-fpm 和 laravel 后端设置新服务器 运行,在安装 letsencrypt 之后,我遇到了 404 错误我的路由器除了主页。 laravel.env 没问题,我的 nginx conf 如下,另外,控制面板为 ssl 创建了另一个 nginx conf 文件。该网站在 http 协议上没有任何问题。
server {
listen xx.xxx.xxx.xx:443;
server_name example.com www.example.com;
root /home/admin/web/example.com/public_html;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/example.com.log combined;
access_log /var/log/nginx/domains/example.com.bytes bytes;
error_log /var/log/nginx/domains/example.com.error.log error;
ssl on;
ssl_certificate /home/admin/conf/web/ssl.example.com.pem;
ssl_certificate_key /home/admin/conf/web/ssl.example.com.key;
location / {
try_files $uri $uri/ /index.php$is_args$args;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias /home/admin/web/example.com/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias /home/admin/web/example.com/stats/;
include /home/admin/conf/web/example.com.auth*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include /home/admin/conf/web/nginx.example.com.conf*;
}
问题
我不是 Nginx 专家,但在我看来所有 location 指令都应该在 server 指令中,而目前它们不是。您还嵌套了 location 指令,我认为它们不是必需的...
首先尝试用这个来解决这个问题:
server {
listen xx.xxx.xxx.xx:443;
server_name example.com www.example.com;
root /home/admin/web/example.com/public_html;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/example.com.log combined;
access_log /var/log/nginx/domains/example.com.bytes bytes;
error_log /var/log/nginx/domains/example.com.error.log error;
ssl on;
ssl_certificate /home/admin/conf/web/ssl.example.com.pem;
ssl_certificate_key /home/admin/conf/web/ssl.example.com.key;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location ~ \.php$ {
# https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/
#try_files $uri =404;
#try index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass php:9000;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias /home/admin/web/example.com/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias /home/admin/web/example.com/stats/;
include /home/admin/conf/web/example.com.auth*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include /home/admin/conf/web/nginx.example.com.conf*;
}
NOTE: This isn't tested, thus try it in development and if you fix any syntax in the file or an error please let me know so that I can update the answer. If you can't fix please let us know what went wrong so that we can try further help.
可能的改进
使用 Laravel 后,您可以尝试遵循开箱即用的 Nginx 配置 Php Docker Stack Laravel。
您需要复制以替换 Nginx conf server{} 指令中的当前位是这个位:
# In Laravel we only need serve index.php
location @proxyphp {
rewrite (.*) /index.php;
}
# serving only index.php increases the security in your application.
location ~ /index\.php$ {
# https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/
#try_files $uri =404;
#try index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
# Deny access to all php files that are not index.php
location ~ \.php$ {
deny all;
}
安全改进
在 Laravel 中,我们只需要服务 index.php 并且这样做可以提高应用程序的安全性,一旦它只有 1 个 public 入口点,而不是被访问Laravel 应用的 public 文件夹中的任何 *.php。
我正在 vestaCP+NGINX+php-fpm 和 laravel 后端设置新服务器 运行,在安装 letsencrypt 之后,我遇到了 404 错误我的路由器除了主页。 laravel.env 没问题,我的 nginx conf 如下,另外,控制面板为 ssl 创建了另一个 nginx conf 文件。该网站在 http 协议上没有任何问题。
server {
listen xx.xxx.xxx.xx:443;
server_name example.com www.example.com;
root /home/admin/web/example.com/public_html;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/example.com.log combined;
access_log /var/log/nginx/domains/example.com.bytes bytes;
error_log /var/log/nginx/domains/example.com.error.log error;
ssl on;
ssl_certificate /home/admin/conf/web/ssl.example.com.pem;
ssl_certificate_key /home/admin/conf/web/ssl.example.com.key;
location / {
try_files $uri $uri/ /index.php$is_args$args;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias /home/admin/web/example.com/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias /home/admin/web/example.com/stats/;
include /home/admin/conf/web/example.com.auth*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include /home/admin/conf/web/nginx.example.com.conf*;
}
问题
我不是 Nginx 专家,但在我看来所有 location 指令都应该在 server 指令中,而目前它们不是。您还嵌套了 location 指令,我认为它们不是必需的...
首先尝试用这个来解决这个问题:
server {
listen xx.xxx.xxx.xx:443;
server_name example.com www.example.com;
root /home/admin/web/example.com/public_html;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/example.com.log combined;
access_log /var/log/nginx/domains/example.com.bytes bytes;
error_log /var/log/nginx/domains/example.com.error.log error;
ssl on;
ssl_certificate /home/admin/conf/web/ssl.example.com.pem;
ssl_certificate_key /home/admin/conf/web/ssl.example.com.key;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location ~ \.php$ {
# https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/
#try_files $uri =404;
#try index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass php:9000;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias /home/admin/web/example.com/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias /home/admin/web/example.com/stats/;
include /home/admin/conf/web/example.com.auth*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include /home/admin/conf/web/nginx.example.com.conf*;
}
NOTE: This isn't tested, thus try it in development and if you fix any syntax in the file or an error please let me know so that I can update the answer. If you can't fix please let us know what went wrong so that we can try further help.
可能的改进
使用 Laravel 后,您可以尝试遵循开箱即用的 Nginx 配置 Php Docker Stack Laravel。
您需要复制以替换 Nginx conf server{} 指令中的当前位是这个位:
# In Laravel we only need serve index.php
location @proxyphp {
rewrite (.*) /index.php;
}
# serving only index.php increases the security in your application.
location ~ /index\.php$ {
# https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/
#try_files $uri =404;
#try index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
# Deny access to all php files that are not index.php
location ~ \.php$ {
deny all;
}
安全改进
在 Laravel 中,我们只需要服务 index.php 并且这样做可以提高应用程序的安全性,一旦它只有 1 个 public 入口点,而不是被访问Laravel 应用的 public 文件夹中的任何 *.php。