我希望有人能帮助我解决这个奇怪的问题。 在“干净的”服务器安装,我有以下“website.com”和nginxconfiguration,但如果您尝试去www.website.com的http版本,它呈现默认的 nginx页面,而不是转发到https版本就像它configuration的那样。 该网站正在使用AWS Linux ami,并在elb后面(因此是elb-check的指令)。
在我的/sites-available (和# ls -lah /sites-enabled d到/sites-enabled )中,我所拥有的(即使是在执行# ls -lah )是: default_server website.com elb-check
configuration(以及nginx.conf如下)。
先谢谢你! 请让我知道,如果有更多的信息/configuration你需要。
website.com:
# Send http www. to https www. server { listen 80; server_name www.website.com; return 301 $scheme://www.website.com$request_uri; server_tokens off; } # Send http non www. to https www. server { listen 80; server_name website.com; return 301 $scheme://www.website.com$request_uri; server_tokens off; } # Send https non www. to https www. server { listen 443 ssl; server_name website.com; return 301 $scheme://www.website.com$request_uri; server_tokens off; ssl_certificate "/path.to.crt"; ssl_certificate_key "/path.to.key"; ssl_dhparam "/etc/pki/nginx/dhparams.pem"; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_protocols TLSv1.2; ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:!RC4:HIGH:!MD5:!aNULL:!EDH; ssl_prefer_server_ciphers on; } # Answer https and www. requests server { listen 443 ssl; server_name www.website.com; index index.html index.php; root /home/website/html; access_log /var/log/website/access.log; error_log /var/log/website/error.log; server_tokens off; ssl_certificate "/path.to.crt"; ssl_certificate_key "/path.to.key"; ssl_dhparam "/etc/pki/nginx/dhparams.pem"; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_protocols TLSv1.2; ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:!RC4:HIGH:!MD5:!aNULL:!EDH; ssl_prefer_server_ciphers on; location / { root /home/website/html; try_files $uri $uri/ /index.php?$uri&$args; } location ~ /private\.php$ { auth_basic "Restricted Area"; auth_basic_user_file /home/website/.htpasswd; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } }
nginx.conf:
# nginx config user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; events { worker_connections 1024; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; # Load modular configuration files from the /etc/nginx/conf.d directory. # See http://nginx.org/en/docs/ngx_core_module.html#include # for more information. include /etc/nginx/conf.d/*.conf; # Load Virtual Sites include /etc/nginx/sites-enabled/*; include /etc/nginx/sites-available/*; index index.php index.html index.htm; server_tokens off; }
default_server:
# To black-hole all other subdomain requests server { listen 80; server_name _; return 444; }
ELB检查:
# So the ELB sees the instance as still being alive server { location /home/elb-check { access_log off; return 200; add_header Content-Type text/plain; } }
如果没有专门定义默认服务器,Nginx会selectconfiguration中的第一台服务器。 安装虚拟默认服务器。
# This just prevents Nginx picking a random default server if it doesn't know which # server block to send a request to server { listen 80 default_server; server_name _; return 444; access_log off; log_not_found off; }
您也可能需要定义一个默认的https服务器,尽pipe如果它不在特定的域上,它可能会生成证书警告。 我不打扰。