Nginx + PHP-FPM 返回二进制文件而不是在 FireFox / 移动浏览器中提供网页
Nginx + PHP-FPM is returning binary file instead of serving the web page in FireFox / Mobile browsers
我在 Ubuntu 20.04 VPS 运行 的 LEMP 堆栈上部署了一个 laravel 应用程序,我注意到该站点在 chrome 中加载正常,但是在 FireFox / 移动浏览器中 - 它似乎正在返回一个包含以下内容的文件 (application/octet-stream):
0000 1204 0000 0000 0000 0300 0000 8000
0400 0100 0000 0500 ffff ff00 0004 0800
0000 0000 7fff 0000 0000 0807 0000 0000
0000 0000 0000 0000 01
这是我的设置。
/etc/nginx/nginx.conf
user www;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
use epoll;
multi_accept on;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
server_tokens off;
ssl_protocols TLSv1.2; # Requires nginx >= 1.13.0 else use TLSv1.2
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem; # openssl dhparam -out /etc/nginx/dhparam.pem 4096
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA HIGH !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off; # Requires nginx >= 1.5.9
ssl_stapling on; # Requires nginx >= 1.3.7
ssl_stapling_verify on; # Requires nginx => 1.3.7
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
access_log off;
log_not_found off;
error_log /var/log/nginx/error.log crit;
open_file_cache max=2000 inactive=20s;
open_file_cache_valid 60s;
open_file_cache_min_uses 5;
open_file_cache_errors off;
server_names_hash_bucket_size 100;
client_header_buffer_size 1k;
large_client_header_buffers 4 16k;
client_max_body_size 50m;
client_body_buffer_size 1m;
client_body_timeout 15;
client_header_timeout 15;
keepalive_timeout 75;
send_timeout 15;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types application/javascript application/rss+xml application/vnd.ms-fontobject application/x-font application/x-font-opentype application/x-font-otf application/x-font-truetype application/x-font-ttf application/x-javascript application/xhtml+xml application/xml font/opentype font/otf font/ttf image/svg+xml image/x-icon text/css text/javascript text/plain text/xml;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
/etc/nginx/sites-enabled/www.domain.com.conf
server {
root /home/www/www.domain.com/application/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
index index.html index.htm index.php;
charset utf-8;
server_name domain.com www.domain.com;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
error_page 404 /index.php;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
}
location ~ /\.(?!well-known).* {
deny all;
}
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
}
server {
if ($host = www.domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server http2;
server_name domain.com www.domain.com;
return 404; # managed by Certbot
}
/etc/php/7.3/fpm/pool.d/global.conf
[global]
emergency_restart_threshold = 10
emergency_restart_interval = 1m
process_control_timeout = 10s
/etc/php/7.3/fpm/pool.d/www.conf
[www]
user = www
group = www
listen = /run/php/php7.3-fpm.sock
listen.owner = www
listen.group = www
listen.mode = 0660
pm = static
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.process_idle_timeout = 10s;
pm.max_requests = 500
request_terminate_timeout = 15s
rlimit_files = 65536
rlimit_core = 0
catch_workers_output = yes
env[HOSTNAME] = $HOSTNAME
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
php_admin_value[error_log] = /var/log/php-fpm-www-errors.log
php_admin_flag[log_errors] = On
php_admin_flag[display_errors] = Off
php_value[error_reporting] = E_ALL & ~E_DEPRECATED
php_value[memory_limit] = 128M
php_value[max_execution_time] = 10
php_value[max_input_time] = 10
php_value[max_input_vars] = 2500
php_value[post_max_size] = 30M
php_value[upload_max_filesize] = 30M
php_value[default_socket_timeout] = 10
php_value[realpath_cache_size] = 128k
php_value[realpath_cache_ttl] = 86400
php_value[expose_php] = 0
很抱歉 post,但我尝试 post 我配置的所有与问题相关的配置。
任何想法可能是错误的?感谢任何帮助 - 第一次遇到这个问题。
在 /etc/nginx/nginx.conf 在 http
有
default_type application/octet-stream;
改为plain/text或plain/html
我已经解决了这个问题,这是由于在我的虚拟主机 /etc/nginx/sites-enabled/www.domain.com.conf 服务器块中使用 http2 造成的:
listen 443 ssl http2;
listen 80 default_server http2;
固定配置:
# Default server configuration
server {
root /home/www/www.domain.com/application/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
index index.html index.htm index.php;
charset utf-8;
server_name domain.com www.domain.com;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
error_page 404 /index.php;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
}
location ~ /\.(?!well-known).* {
deny all;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
}
# HTTPS redirect
server {
if ($host = www.domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
server_name domain.com www.domain.com;
return 404; # managed by Certbot
}
我在 Ubuntu 20.04 VPS 运行 的 LEMP 堆栈上部署了一个 laravel 应用程序,我注意到该站点在 chrome 中加载正常,但是在 FireFox / 移动浏览器中 - 它似乎正在返回一个包含以下内容的文件 (application/octet-stream):
0000 1204 0000 0000 0000 0300 0000 8000
0400 0100 0000 0500 ffff ff00 0004 0800
0000 0000 7fff 0000 0000 0807 0000 0000
0000 0000 0000 0000 01
这是我的设置。
/etc/nginx/nginx.conf
user www;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
use epoll;
multi_accept on;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
server_tokens off;
ssl_protocols TLSv1.2; # Requires nginx >= 1.13.0 else use TLSv1.2
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem; # openssl dhparam -out /etc/nginx/dhparam.pem 4096
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA HIGH !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off; # Requires nginx >= 1.5.9
ssl_stapling on; # Requires nginx >= 1.3.7
ssl_stapling_verify on; # Requires nginx => 1.3.7
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
access_log off;
log_not_found off;
error_log /var/log/nginx/error.log crit;
open_file_cache max=2000 inactive=20s;
open_file_cache_valid 60s;
open_file_cache_min_uses 5;
open_file_cache_errors off;
server_names_hash_bucket_size 100;
client_header_buffer_size 1k;
large_client_header_buffers 4 16k;
client_max_body_size 50m;
client_body_buffer_size 1m;
client_body_timeout 15;
client_header_timeout 15;
keepalive_timeout 75;
send_timeout 15;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types application/javascript application/rss+xml application/vnd.ms-fontobject application/x-font application/x-font-opentype application/x-font-otf application/x-font-truetype application/x-font-ttf application/x-javascript application/xhtml+xml application/xml font/opentype font/otf font/ttf image/svg+xml image/x-icon text/css text/javascript text/plain text/xml;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
/etc/nginx/sites-enabled/www.domain.com.conf
server {
root /home/www/www.domain.com/application/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
index index.html index.htm index.php;
charset utf-8;
server_name domain.com www.domain.com;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
error_page 404 /index.php;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
}
location ~ /\.(?!well-known).* {
deny all;
}
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
}
server {
if ($host = www.domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server http2;
server_name domain.com www.domain.com;
return 404; # managed by Certbot
}
/etc/php/7.3/fpm/pool.d/global.conf
[global]
emergency_restart_threshold = 10
emergency_restart_interval = 1m
process_control_timeout = 10s
/etc/php/7.3/fpm/pool.d/www.conf
[www]
user = www
group = www
listen = /run/php/php7.3-fpm.sock
listen.owner = www
listen.group = www
listen.mode = 0660
pm = static
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.process_idle_timeout = 10s;
pm.max_requests = 500
request_terminate_timeout = 15s
rlimit_files = 65536
rlimit_core = 0
catch_workers_output = yes
env[HOSTNAME] = $HOSTNAME
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
php_admin_value[error_log] = /var/log/php-fpm-www-errors.log
php_admin_flag[log_errors] = On
php_admin_flag[display_errors] = Off
php_value[error_reporting] = E_ALL & ~E_DEPRECATED
php_value[memory_limit] = 128M
php_value[max_execution_time] = 10
php_value[max_input_time] = 10
php_value[max_input_vars] = 2500
php_value[post_max_size] = 30M
php_value[upload_max_filesize] = 30M
php_value[default_socket_timeout] = 10
php_value[realpath_cache_size] = 128k
php_value[realpath_cache_ttl] = 86400
php_value[expose_php] = 0
很抱歉 post,但我尝试 post 我配置的所有与问题相关的配置。
任何想法可能是错误的?感谢任何帮助 - 第一次遇到这个问题。
在 /etc/nginx/nginx.conf 在 http
有
default_type application/octet-stream;
改为plain/text或plain/html
我已经解决了这个问题,这是由于在我的虚拟主机 /etc/nginx/sites-enabled/www.domain.com.conf 服务器块中使用 http2 造成的:
listen 443 ssl http2;
listen 80 default_server http2;
固定配置:
# Default server configuration
server {
root /home/www/www.domain.com/application/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
index index.html index.htm index.php;
charset utf-8;
server_name domain.com www.domain.com;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
error_page 404 /index.php;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
}
location ~ /\.(?!well-known).* {
deny all;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
}
# HTTPS redirect
server {
if ($host = www.domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
server_name domain.com www.domain.com;
return 404; # managed by Certbot
}