我是我的服务器上的php-fpm的nginx。 我使用SSL(Let's Encrypt)configuration了nginx,并将HTTPS设置为默认值而不是HTTP。 问题是当通过HTTP访问网页时,php文件被下载,但在HTTPS中,脚本工作。 我重新启动nginx / php清理caching,尝试其他浏览器,chmod和问题依然存在。
我使用ajenti作为控制面板,所以configuration是自动生成的。
client_max_body_size 128m; large_client_header_buffers 4 64k; add_header X-Content-Type-Options "nosniff"; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1;mode=block"; add_header X-Content-Security-Policy "allow 'self';"; ssl_prefer_server_ciphers on; ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; ssl_dhparam /etc/ssl/certs/dhparam.pem; ssl_session_timeout 1d; ssl_session_cache shared:SSL:10m; ssl_session_tickets off; ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /etc/letsencrypt/trustchain.pem; resolver 8.8.8.8 8.8.4.4; server { listen *:80 http2; listen *:443 ssl http2 default_server; ssl_certificate /etc/letsencrypt/live/domain.xyz/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/domain.xyz/privkey.pem; server_name domain.xyz; access_log /var/log/nginx/domainxyz.access.log; error_log /var/log/nginx/domainxyz.error.log; root /var/www/domain.xyz; index index.html index.htm index.php; location / { try_files $uri $uri/ /index.php?$args; } rewrite /wp-admin$ $scheme://$host$uri/ permanent; location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ /\. { deny all; } location ~* /(?:uploads|files)/.*\.php$ { deny all; } location /wp-admin { auth_basic "Acceso restringido"; auth_basic_user_file /var/www/pass.htpasswd; } location /wp-config.php { deny all; } location /wp-login.php { auth_basic "Acceso restringido"; auth_basic_user_file /var/www/pass.htpasswd; } location ~ /.well-known { allow all; } location ~ [^/]\.php(/|$) { fastcgi_index index.php; include fcgi.conf; fastcgi_pass unix:/var/run/ajenti-v-php7.0-fcgi-domainxyz-php7.0-fcgi-0.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } } nginx 1.11.1
php-fpm 7.0.8
Debian 8
你有一个奇怪的configuration。 在实践中,http2只能通过https工作。 您应该定义一个转发到https的服务器,而不是一个服务于这两个服务器的服务器。 您应该在每个文件中定义一个服务器
你应该阅读我的Nginx教程 ,但这里是关键部分。
把这个添加到你的nginx.conf中。 我改变了大多数人使用,启用网站启用网站,因为它更容易完成标签。
include /etc/nginx/enabled-sites/*;
主服务器,位于/etc/nginx/enabled-sites/example.com.conf
server { server_name www.example.com; listen 443 ssl http2; ssl_certificate /var/lib/acme/live/fullchain; ssl_certificate_key /var/lib/acme/live/privkey; # Set up preferred protocols and ciphers. TLS1.2 is required for HTTP/2 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5; # This is a cache for SSL connections ssl_session_cache shared:SSL:2m; ssl_session_timeout 60m; root /var/www/pts; // etc }
然后是转发服务器
# Redirect all variations to https://www domain server { listen 80; server_name example.com www.example.com; return 301 https://www.example.com$request_uri; }
我还定义了一个单独的默认服务器。 你可能应该使用更准确的返回码
server { listen 80 default_server; server_name _; access_log off; log_not_found off; return 418; # "I'm a teapot", effectively "go away" https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#4xx_Client_Error
}