Apache 虚拟主机根、www 和子域设置,包括 http 到 https
Apache virtualhost root, www and sub-domain setup including http to https
我很困惑。非常感谢您的帮助。
AWS EC2 上的两个网站(wordpress 和另一个 php 工具)Ubuntu
18.04 实例 运行 LAMP 堆栈。
我的意图是实现:
http://www.example.comhttp://example.comhttps://www.example.com
至:https://example.com.
和
http://app.example.com
至:https://app.example.com.
我配置了虚拟主机并按预期工作,然后我通过 letsencrypt 创建了 https 证书,它设置了 HTTP 到 HTTPS 的重定向……但是……出了点问题:
HTTP 全部重定向到 HTTPS。
https://app.example.com 解析到目标网站 - website1。
https://example.com 没有解析到 website2 - 它解析到 website1 - 请注意它没有重定向到应用程序。但在 https://example.com.
上显示 website1
我有两个虚拟主机配置文件,每个站点一个。两者都包含每个站点 80 和 443 配置,它们在下面。
SSL 证书的通用名称为 example.com,并列出了 app.example.com、www.example.com 和 example.com 的备用名称。
DNS 有 example.com A 到服务器 IP,www. 和 app. 是 CNAME 到 example.com。
app.example.com.conf - 网站 1
<VirtualHost *:80>
ServerAdmin jimmy@example.com
DocumentRoot /var/www/website1/
ServerName example.com
ServerAlias app.example.com
<Directory /var/www/website1/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =app.example.com [OR]
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jimmy@example.com
DocumentRoot /var/www/website1
ServerName example.com
ServerAlias app.example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website1/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
example.com.conf - 网站 2
<VirtualHost *:80>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:80>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.example.com [OR]
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
非常感谢任何帮助、建议和任何其他想法!
https://example.com doesn't resolve to website2 - it resolves to website1 - note it's not redirecting to app. but showing website1 on https://example.com
是的,因为您所有的 vHost 都将 example.com 定义为 ServerName,我希望 website1 在配置中首先出现。
对于 app.example.com.conf(网站 1),您应该设置 ServerName app.example.com 并为 vhost:80 和 vhost:443 个容器。
vhost:80 容器中的 HTTP 到 HTTPS 重定向:
RewriteEngine on
RewriteCond %{SERVER_NAME} =app.example.com [OR]
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
可以简化为单个 mod_alias Redirect 指令:
Redirect 301 / https://app.example.com/
对于 example.com.conf(网站 2),您复制了 vhost:80 和 vhost:443 容器并定义了相同的 ServerName example.com在每个 - 这是一个错误。完全有可能有 4 个这样的容器(并使用 mod_alias Redirect 指令),但是您需要为每个 vHost 设置唯一的 ServerName 指令并减少重复。
从您的角度来看,最简单的方法可能只是删除第二个(重复的)vhost:80 和 vhost:443 容器,并在 vhost:80 和 vhost:443 剩余的容器。
ServerName example.com
ServerAlias www.example.com
I then created the https cert through letsencrypt which setup the HTTP to HTTPS redirects
使用 LetsEncrypt 创建 SSL 证书不应该 "setup the HTTP to HTTPS redirects"?
我很困惑。非常感谢您的帮助。
AWS EC2 上的两个网站(wordpress 和另一个 php 工具)Ubuntu 18.04 实例 运行 LAMP 堆栈。
我的意图是实现:
http://www.example.comhttp://example.comhttps://www.example.com
至:https://example.com.
和
http://app.example.com
至:https://app.example.com.
我配置了虚拟主机并按预期工作,然后我通过 letsencrypt 创建了 https 证书,它设置了 HTTP 到 HTTPS 的重定向……但是……出了点问题:
HTTP 全部重定向到 HTTPS。
https://app.example.com 解析到目标网站 - website1。
https://example.com 没有解析到 website2 - 它解析到 website1 - 请注意它没有重定向到应用程序。但在 https://example.com.
我有两个虚拟主机配置文件,每个站点一个。两者都包含每个站点 80 和 443 配置,它们在下面。
SSL 证书的通用名称为 example.com,并列出了 app.example.com、www.example.com 和 example.com 的备用名称。
DNS 有 example.com A 到服务器 IP,www. 和 app. 是 CNAME 到 example.com。
app.example.com.conf - 网站 1
<VirtualHost *:80>
ServerAdmin jimmy@example.com
DocumentRoot /var/www/website1/
ServerName example.com
ServerAlias app.example.com
<Directory /var/www/website1/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =app.example.com [OR]
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jimmy@example.com
DocumentRoot /var/www/website1
ServerName example.com
ServerAlias app.example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website1/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
example.com.conf - 网站 2
<VirtualHost *:80>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:80>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.example.com [OR]
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
非常感谢任何帮助、建议和任何其他想法!
https://example.comdoesn't resolve to website2 - it resolves to website1 - note it's not redirecting to app. but showing website1 onhttps://example.com
是的,因为您所有的 vHost 都将 example.com 定义为 ServerName,我希望 website1 在配置中首先出现。
对于 app.example.com.conf(网站 1),您应该设置 ServerName app.example.com 并为 vhost:80 和 vhost:443 个容器。
vhost:80 容器中的 HTTP 到 HTTPS 重定向:
RewriteEngine on RewriteCond %{SERVER_NAME} =app.example.com [OR] RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
可以简化为单个 mod_alias Redirect 指令:
Redirect 301 / https://app.example.com/
对于 example.com.conf(网站 2),您复制了 vhost:80 和 vhost:443 容器并定义了相同的 ServerName example.com在每个 - 这是一个错误。完全有可能有 4 个这样的容器(并使用 mod_alias Redirect 指令),但是您需要为每个 vHost 设置唯一的 ServerName 指令并减少重复。
从您的角度来看,最简单的方法可能只是删除第二个(重复的)vhost:80 和 vhost:443 容器,并在 vhost:80 和 vhost:443 剩余的容器。
ServerName example.com
ServerAlias www.example.com
I then created the https cert through letsencrypt which setup the HTTP to HTTPS redirects
使用 LetsEncrypt 创建 SSL 证书不应该 "setup the HTTP to HTTPS redirects"?