Nginx + PHP-FPM 返回二进制文件而不是在 FireFox / 移动浏览器中提供网页

Nginx + PHP-FPM is returning binary file instead of serving the web page in FireFox / Mobile browsers

我在 Ubuntu 20.04 VPS 运行 的 LEMP 堆栈上部署了一个 laravel 应用程序,我注意到该站点在 chrome 中加载正常,但是在 FireFox / 移动浏览器中 - 它似乎正在返回一个包含以下内容的文件 (application/octet-stream):

0000 1204 0000 0000 0000 0300 0000 8000
0400 0100 0000 0500 ffff ff00 0004 0800
0000 0000 7fff 0000 0000 0807 0000 0000
0000 0000 0000 0000 01

这是我的设置。

/etc/nginx/nginx.conf

user www;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
    worker_connections 768;
    use epoll;
    multi_accept on;
}

http {

    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    server_tokens off;

    ssl_protocols TLSv1.2; # Requires nginx >= 1.13.0 else use TLSv1.2
    ssl_prefer_server_ciphers on;
    ssl_dhparam /etc/nginx/dhparam.pem; # openssl dhparam -out /etc/nginx/dhparam.pem 4096
    ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA HIGH !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
    ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
    ssl_session_timeout 10m;
    ssl_session_cache shared:SSL:10m;
    ssl_session_tickets off; # Requires nginx >= 1.5.9
    ssl_stapling on; # Requires nginx >= 1.3.7
    ssl_stapling_verify on; # Requires nginx => 1.3.7
    resolver 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 5s;
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
    add_header X-Frame-Options DENY;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";

    access_log off;
    log_not_found off;
    error_log /var/log/nginx/error.log crit;

    open_file_cache max=2000 inactive=20s;
    open_file_cache_valid 60s;
    open_file_cache_min_uses 5;
    open_file_cache_errors off;

    server_names_hash_bucket_size 100;
    client_header_buffer_size 1k;
    large_client_header_buffers 4 16k;
    client_max_body_size 50m;
    client_body_buffer_size 1m;
    client_body_timeout 15;
    client_header_timeout 15;
    keepalive_timeout 75;
    send_timeout 15;
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;

    gzip on;
    gzip_disable "msie6";
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_min_length 1100;
    gzip_buffers 16 8k;
    gzip_http_version 1.1;
    gzip_types application/javascript application/rss+xml application/vnd.ms-fontobject application/x-font application/x-font-opentype application/x-font-otf application/x-font-truetype application/x-font-ttf application/x-javascript application/xhtml+xml application/xml font/opentype font/otf font/ttf image/svg+xml image/x-icon text/css text/javascript text/plain text/xml;

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}

/etc/nginx/sites-enabled/www.domain.com.conf

server {

    root /home/www/www.domain.com/application/public;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";

    index index.html index.htm index.php;

    charset utf-8;

    server_name domain.com www.domain.com;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    error_page 404 /index.php;

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        fastcgi_pass unix:/run/php/php7.3-fpm.sock;
    }

    location ~ /\.(?!well-known).* {
        deny all;
    }

    listen 443 ssl http2; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
}

server {

    if ($host = www.domain.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    if ($host = domain.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80 default_server http2;

    server_name domain.com www.domain.com;
    return 404; # managed by Certbot

}

/etc/php/7.3/fpm/pool.d/global.conf

[global]

emergency_restart_threshold = 10
emergency_restart_interval = 1m
process_control_timeout = 10s

/etc/php/7.3/fpm/pool.d/www.conf

[www]

user = www
group = www
listen = /run/php/php7.3-fpm.sock
listen.owner = www
listen.group = www
listen.mode = 0660

pm = static
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.process_idle_timeout = 10s;
pm.max_requests = 500

request_terminate_timeout = 15s
rlimit_files = 65536
rlimit_core = 0
catch_workers_output = yes

env[HOSTNAME] = $HOSTNAME
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp

php_admin_value[error_log] = /var/log/php-fpm-www-errors.log
php_admin_flag[log_errors] = On
php_admin_flag[display_errors] = Off
php_value[error_reporting] = E_ALL & ~E_DEPRECATED
php_value[memory_limit] = 128M
php_value[max_execution_time] = 10
php_value[max_input_time] = 10
php_value[max_input_vars] = 2500
php_value[post_max_size] = 30M
php_value[upload_max_filesize] = 30M
php_value[default_socket_timeout] = 10
php_value[realpath_cache_size] = 128k
php_value[realpath_cache_ttl] = 86400
php_value[expose_php] = 0

很抱歉 post,但我尝试 post 我配置的所有与问题相关的配置。

任何想法可能是错误的?感谢任何帮助 - 第一次遇到这个问题。

/etc/nginx/nginx.conf 在 http 有

default_type application/octet-stream;

改为plain/textplain/html

我已经解决了这个问题,这是由于在我的虚拟主机 /etc/nginx/sites-enabled/www.domain.com.conf 服务器块中使用 http2 造成的:

listen 443 ssl http2;

listen 80 default_server http2;

固定配置:

# Default server configuration
server {

    root /home/www/www.domain.com/application/public;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";

    index index.html index.htm index.php;

    charset utf-8;

    server_name domain.com www.domain.com;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    error_page 404 /index.php;

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        fastcgi_pass unix:/run/php/php7.3-fpm.sock;
    }

    location ~ /\.(?!well-known).* {
        deny all;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
}

# HTTPS redirect
server {

    if ($host = www.domain.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    if ($host = domain.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80 default_server;

    server_name domain.com www.domain.com;
    return 404; # managed by Certbot

}