https 上的 301 永久重定向,但 http 工作正常
301 Permanent Redirect on https but http works fine
当我运行
curl -I http://myapp.com/
curl -I https://myapp.com/
http
returns
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Mar 2019 17:46:29 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 31 Jan 2017 15:01:11 GMT
Connection: keep-alive
ETag: "5890a6b7-264"
Accept-Ranges: bytes
而 https
returns
HTTP/1.1 301 Moved Permanently
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 05 Mar 2019 17:50:29 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
Location: https://www.myapp.com/
curl: (47) Maximum (50) redirects followed
我显然无法访问域,我收到错误 ERR_TOO_MANY_REDIRECTS
因为 Let's Encrypt 设置为将任何 http 请求重定向到 https。
我看到两个选项,停用 https
并通过 http
访问该站点,或者找出 https
上发生 301 Permanent Redirect
的原因。
我最初通过删除行
摆脱了 http
上的 301 Permanent Redirect
return 301 https://$server_name$request_uri;
我的 nginx 配置文件
server {
listen 80;
servername myapp.com www.myapp.com;
servertokens off;
}
server {
listen 443 ssl; # managed by Certbot
server_name myapp.com www.myapp.com;
ssl_certificate /etc/letsencrypt/live/myapp.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/myapp.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
root /home/me/myapp/src/myapp;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/me/myapp/src/myapp;
}
location /media/ {
root /home/me/myapp/src/myapp;
}
location / {
try_files $uri/ @python_django;
}
location @python_django {
proxy_pass http://127.0.0.1:8001;
proxy_pass_request_headers on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
}
}
我非常需要帮助,拜托!!!
您可以采用这种替代方法。我发现处理重定向更简单一些。
server {
listen 80;
#listen [::]:80 ipv6only=on;
server_name your.server.com;
access_log /etc/nginx/access.log;
root /var/www/html/someroot;
location / {
#autoindex on;
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri =404;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header Host $http_host;
#proxy_set_header X-NginX-Proxy true;
#proxy_pass http://127.0.0.1:8080/;
#proxy_redirect off;
#proxy_http_version 1.1;
#proxy_set_header Upgrade $http_upgrade;
#proxy_set_header Connection "upgrade";
#proxy_redirect off;
#proxy_set_header X-Forwarded-Proto $scheme;
#proxy_cache one;
#proxy_cache_key sfs$request_uri$scheme;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/some/fullchain.pem;
# managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/some/privkey.pem;
# managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
if ($scheme != "https") {
return 301 https://$host$request_uri;
}
}
注意最后一个 if 子句。这就是所有重定向发生的地方。基本上,您只使用一个服务器块并监听所有通过端口 80 和 443 的流量。当有人访问端口 80 时,请求被重定向到 443。对我来说效果很好。让我知道它是否也适合你。
当我运行
curl -I http://myapp.com/
curl -I https://myapp.com/
http
returns
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Mar 2019 17:46:29 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 31 Jan 2017 15:01:11 GMT
Connection: keep-alive
ETag: "5890a6b7-264"
Accept-Ranges: bytes
而 https
returns
HTTP/1.1 301 Moved Permanently
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 05 Mar 2019 17:50:29 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
Location: https://www.myapp.com/
curl: (47) Maximum (50) redirects followed
我显然无法访问域,我收到错误 ERR_TOO_MANY_REDIRECTS
因为 Let's Encrypt 设置为将任何 http 请求重定向到 https。
我看到两个选项,停用 https
并通过 http
访问该站点,或者找出 https
上发生 301 Permanent Redirect
的原因。
我最初通过删除行
摆脱了http
上的 301 Permanent Redirect
return 301 https://$server_name$request_uri;
我的 nginx 配置文件
server {
listen 80;
servername myapp.com www.myapp.com;
servertokens off;
}
server {
listen 443 ssl; # managed by Certbot
server_name myapp.com www.myapp.com;
ssl_certificate /etc/letsencrypt/live/myapp.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/myapp.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
root /home/me/myapp/src/myapp;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/me/myapp/src/myapp;
}
location /media/ {
root /home/me/myapp/src/myapp;
}
location / {
try_files $uri/ @python_django;
}
location @python_django {
proxy_pass http://127.0.0.1:8001;
proxy_pass_request_headers on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
}
}
我非常需要帮助,拜托!!!
您可以采用这种替代方法。我发现处理重定向更简单一些。
server {
listen 80;
#listen [::]:80 ipv6only=on;
server_name your.server.com;
access_log /etc/nginx/access.log;
root /var/www/html/someroot;
location / {
#autoindex on;
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri =404;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header Host $http_host;
#proxy_set_header X-NginX-Proxy true;
#proxy_pass http://127.0.0.1:8080/;
#proxy_redirect off;
#proxy_http_version 1.1;
#proxy_set_header Upgrade $http_upgrade;
#proxy_set_header Connection "upgrade";
#proxy_redirect off;
#proxy_set_header X-Forwarded-Proto $scheme;
#proxy_cache one;
#proxy_cache_key sfs$request_uri$scheme;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/some/fullchain.pem;
# managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/some/privkey.pem;
# managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
if ($scheme != "https") {
return 301 https://$host$request_uri;
}
}
注意最后一个 if 子句。这就是所有重定向发生的地方。基本上,您只使用一个服务器块并监听所有通过端口 80 和 443 的流量。当有人访问端口 80 时,请求被重定向到 443。对我来说效果很好。让我知道它是否也适合你。