Nginx Reverse Proxy with Gunicorn Treats Site Names Differently

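We have a Django project that is served in production using an Nginx and Gunicorn reverse proxy setup. Everything seems to work except for one small detail. Somehow, the browser "sees" the following addresses as different sessions.

Say I log in to the site using the example.com address. Then, if I visit https://www.example.com, the browser does not see that the user is already logged in.

When I visit www.example.com, I get a 404 error from Nginx in the browser.

I suspect this has something to do with how Nginx or Gunicorn is set up. Any help on how to resolve this discrepancy is appreciated.

Nginx configuration: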

server {

    root /home/example/mysite;

    # Add index.php to the list if you are using PHP
    index index.html index.htm;

    server_name example.com www.example.com;
    client_max_body_size 512M;
    location /static/ {
        alias /home/example/mysite/static/;
        expires 30d;
        add_header Vary Accept-Encoding;
        access_log off;
    }
    location /media {
        alias /home/example/mysite/media/;
        expires 30d;
        add_header Vary Accept-Encoding;
        access_log off;
    }
    location / {
        # try_files $uri $uri/ =404;
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $server_name;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_connect_timeout       6000;
        proxy_send_timeout          6000;
        proxy_read_timeout          6000;
        send_timeout                6000;
    }
    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /home/ubuntu/ssl/example_com_chain.crt;
    ssl_certificate_key /home/ubuntu/ssl/server.key;
    #include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    #ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80 default_server;
    listen [::]:80 default_server;

    server_name example.com www.example.com;
    return 404; # managed by Certbot
}

To redirect

http://www.example.com
http://example.com
https://www.example.com

to

https://example.com

you need to change the nginx vhost configuration file like this:

# Redirect 'http www' and 'http non-www' traffic to 'https non-www'
server {

    listen 80;
    server_name example.com  www.example.com;
    return  301 https://example.com$request_uri;

}

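# Redirect 'https www' traffic to 'https non-www'
server {

    listen 443 ssl;
    server_name www.example.com;

    # A TLS server block needs a certificate to complete the handshake before
    # it can send the redirect; this one must also cover www.example.com.
    ssl_certificate /home/ubuntu/ssl/example_com_chain.crt;
    ssl_certificate_key /home/ubuntu/ssl/server.key;

    return  301 https://example.com$request_uri;

}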

# https://example.com
server {

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot

    server_name example.com;

    root /home/example/mysite;

    # Add index.php to the list if you are using PHP
    index index.html index.htm;

    client_max_body_size 512M;
    location /static/ {
        alias /home/example/mysite/static/;
        expires 30d;
        add_header Vary Accept-Encoding;
        access_log off;
    }
    location /media {
        alias /home/example/mysite/media/;
        expires 30d;
        add_header Vary Accept-Encoding;
        access_log off;
    }
    location / {
        # try_files $uri $uri/ =404;
        proxy_pass http://127.0.0.1:8080;  # HERE review this line it should be the server IP not localhost
        proxy_set_header Host $server_name;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_connect_timeout       6000;
        proxy_send_timeout          6000;
        proxy_read_timeout          6000;
        send_timeout                6000;
    }

    ssl_certificate /home/ubuntu/ssl/example_com_chain.crt;
    ssl_certificate_key /home/ubuntu/ssl/server.key;
    # include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    # ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

This post may help you: https://www.digitalocean.com/community/questions/redirecting-https-www-domain-to-non-www-domain-with-nginx (my answer is based on it).

In your settings.py:

ALLOWED_HOSTS = [
    'example.com',  # https non-www
]

# SESSION_COOKIE_SECURE = True
# CSRF_COOKIE_SECURE = True

For more details, see
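
A check for the redirect set described in the answer, as an added example that is not part of the original post: it follows each of the four URL variants hop by hop and reports any that do not end on https://example.com. The function names and the `BEFORE`/`AFTER` response tables are constructed here to model the question's and the answer's configurations; they are not captured traffic.

```python
import http.client
from urllib.parse import urljoin, urlsplit

CANONICAL_HOST = "example.com"
VARIANTS = ["http://www.example.com", "http://example.com",
            "https://www.example.com", "https://example.com"]

def http_fetch(url):
    """Live fetcher: one HEAD request, redirects not followed."""
    u = urlsplit(url)
    cls = http.client.HTTPSConnection if u.scheme == "https" else http.client.HTTPConnection
    conn = cls(u.netloc, timeout=10)
    try:
        conn.request("HEAD", u.path or "/")
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

def resolve(url, fetch, max_hops=5):
    """Follow redirects hop by hop; return (final_url, final_status)."""
    for _ in range(max_hops + 1):
        status, location = fetch(url)
        if status not in (301, 302, 303, 307, 308) or not location:
            return url, status
        url = urljoin(url, location)
    raise RuntimeError("redirect loop or chain longer than %d hops" % max_hops)

def audit(fetch, path="/"):
    """Return {variant: (final_url, status)} for every variant that does NOT
    end on https://example.com with a non-error status. A 200 served directly
    under www is a failure too: a session cookie set without a Domain
    attribute (Django's default) is host-only, so the one issued for
    example.com is not sent to www.example.com."""
    problems = {}
    for base in VARIANTS:
        final, status = resolve(base + path, fetch)
        u = urlsplit(final)
        if (u.scheme, u.netloc) != ("https", CANONICAL_HOST) or status >= 400:
            problems[base] = (final, status)
    return problems

# Constructed responses modelling the two configurations (not captured traffic).
BEFORE = {"http://example.com/": (301, "https://example.com/"),
          "http://www.example.com/": (404, None),   # falls through to 'return 404'
          "https://www.example.com/": (200, None),  # served under the www host
          "https://example.com/": (200, None)}
AFTER = dict(BEFORE, **{"http://www.example.com/": (301, "https://example.com/"),
                        "https://www.example.com/": (301, "https://example.com/")})
```

Call `audit(http_fetch)` to run the same check against a live deployment; an empty result means every variant lands on the canonical host.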