我在Ubuntu 14.04 LTS上,遵循这个着名的指南 。 目前,我在执行以下操作后遇到错误: 1)在/etc/apt/sources.list.d/创buildnginx.list , 2)做sudo wget –q –O– http://nginx.org/keys/nginx_signing.key | sudo apt–key add – sudo wget –q –O– http://nginx.org/keys/nginx_signing.key | sudo apt–key add – 3) sudo apt-get update 错误是: N: Ignoring file 'nginx_signing.key' in directory '/etc/apt/sources.list.d/' as it has an invalid filename extension E: Type 'deb–src' is not known on line 2 […]
我试图为外部世界和我的本地networking服务于同一个网站。 如果从我的本地networking访问,我不希望SSL(以避免添加证书)和附件没有用户login,而从外部世界,我希望authentication和SSL。 我正在考虑这样的事情,不幸的是从我的本地networking访问总是把我redirect到SSL服务器。 server { listen 443 ssl http2 default_server; listen [::]:443 ssl http2 default_server; server_name my.server.com; ssl_certificate /etc/letsencrypt/../fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/../privkey.pem; # managed by Certbot include snippets/ssl-settings.conf; auth_basic "Restricted Content"; auth_basic_user_file /etc/nginx/auth.d/auth.pwd; root /var/www/html; location / { try_files $uri $uri/ =404; } include /etc/nginx/locations-enabled/*.conf; } server { listen 80 http2; listen […]
我正在尝试在Linux上使用nginx作为反向代理来设置主机和端口重新映射 。 到目前为止,我已经有了一个有效的贫民窟解决scheme,使用if指令 ,这是邪恶的 。 有没有更好的解决scheme,而不使用? 我曾尝试过–Nginxconfiguration /etc/nginx/nginx.conf (或者一些/etc/nginx/conf.d/*.conf文件): server { listen 3000; server_name dev.example.com test.example.com prod.example.com location / { if ($http_host ~ dev.example.com) { proxy_pass 127.0.0.1:13000; } if ($http_host ~ test.example.com) { proxy_pass 127.0.0.1:23000; } if ($http_host ~ prod.example.com) { proxy_pass 127.0.0.1:33000; } } } / etc / hosts : 127.0.0.1 dev.example.com 127.0.0.1 test.example.com […]
我正尝试将所有stream量从http自动redirect到https 。 我怎样才能301redirect到我所有的域名和子域名? 这是NGNIXconfiguration文件 upstream app_server { server unix:/run/DigitalOceanOneClick/unicorn.sock fail_timeout=0; } server { listen 80 default_server; listen [::]:80 default_server; server_name sprintsocial.io app.sprintsocial.io admin.sprintsocial.io; # return 301 https://$server_name$request_uri; } server { #listen 80; listen 443; root /home/rails/sprintsocial/public; #server_name _; server_name sprintsocial.io app.sprintsocial.io admin.sprintsocial.io; ssl on; ssl_certificate /home/sprintsocial.io.chained.crt; ssl_certificate_key /home/sprintsocial.io.key; index index.htm index.html; # return 301 https://$server_name$request_uri; […]
163.172.4.153 – – [17/Oct/2017:05:51:37 +0000] "GET / HTTP/1.1" 200 57264 "https://www.mywebsite.com/" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" "-“ <³IäYìmsÛ¶-Çßï§ÐäU3]Rø¬N§ÓöÞm»·Ùf6ÙÍîììd(“O©$的eG}±Y}AJ¶i'pQvÒ4N“EAI I $°Lß3‰ķ†ƒÿúâNÿXÔSjfy3Ì\òÅÿûßÉ«THTH 〜2½ÊSVDk6Çùä×÷ÒN‰I ^ Ml <LHàN^¯&¯'ääIM]Óš|³ÈÓ“ªãy¾>üËËMUÄKVN©i}7ùöª®<Ùtz{ ¸œrÚÁ¤-5 !! ITH,°|é¶ú3™FË4Îú] A:¤þ×¼\ 3†Ç±œÿF7%… A'/§*Ò-bÉc¼¹Œñ0l@£\ FU(ôB8ìápp89Š= H% 9ZŒ±Š4ÂApeã9bCH2TWy±OES€6%S2 -Q:* AU7 ZZ}Ô|K¶F'XCÁ“»-2ÆçhæB0.À; I(…一个$ ~j [] S_¢SSI°A-C¢@ ½+-ØØB B«</s> </s> </s> </s> </s> </s> </s> </s> </s> </s> </s> </s> […]
我已经了解到,您可以testing一个configuration,而无需通过以下部署: sudo nginx -t -c /home/ubuntu/test/example.conf 但是如果我在一个不可写的文件系统上呢? 有没有什么办法nginx可以在configuration中通过命令行上的string? 或者,有没有其他的程序或帮手脚本可以做到这一点?
我有一个运行nginx的libvirt vm,在nginx虚拟机上安装了一个共享文件系统,我想在这个安装目录中公开一个目录。 nginx似乎运行良好,我可以访问/ usr / share / nginx / html中的基本本地文件和子目录。 我有一个从挂载到默认nginx位置的符号链接,通过 ln -sf /mnt/h_drive/ss4/ /usr/share/nginx/html/ ..我可以看到从浏览器的ss4目录,但是当我点击它,我得到的“403禁止”,并在我的/var/log/nginx/error.log 2017/10/18 17:52:16 [error] 30806#0: *1 opendir() "/usr/share/nginx/html/ss4" failed (13: Permission denied), client: xxx.xxx.xxx.xxx, server: _, request: "GET /opt/ss4/ HTTP/1.1", host: "example.com" 如果我禁用与setenforce 0 selinux我可以访问的一切。 我需要做什么才能访问这个挂载?
我将我的网站完全转移到SSL,到目前为止,我已经移动了移动版本。 我遇到的问题是,它的要求相当慢: 之前: 后: 例如最初的HTML页面(31.html),从5ms开始,达到高达303ms:/ 我假设这与我们现在使用SSL的事实有关。 我的SSL设置很简单,在我的域configuration文件中: ssl on; ssl_certificate /home/chambres/conf/web/ssl.chambresdhotes.org.pem; ssl_certificate_key /home/chambres/conf/web/ssl.chambresdhotes.org.key; 还有什么其他的技巧可以用来帮助加速吗? 我们首先在移动版本上推出,以了解它会如何影响速度 – 我只是担心,如果我们将其移动到桌面版本(更重),它会使速度变慢。 谢谢!
我已经设置了一个nginx的反向代理来服务我的前端通过端口80,然后被redirect到443 ssl https和我的api后端节点 – expression在端口5000 over / api上。 到目前为止的基本工作,除了我不能通过json-web-token进行身份validation。 我总是得到一个“未经授权的”。 尝试通过邮递员和access_token是100%正确的。 对不起,如果这个问题之前已经被问过了(已经search了几天),但是这个话题对我来说是非常新的,我不想在涉及安全问题时做一些事情。 我的nginxconfiguration看起来像这样 server { listen 80 default_server; listen [::]:80 default_server ipv6only=on; return 301 https://$host$request_uri; } # HTTPS — proxy all requests to the Node app server { # Enable HTTP/2 listen 443 ssl http2 default_server; listen [::]:443 ssl http2 default_server; server_name example.com; root /var/www/example.com/html; […]
我需要将URLredirect到位于文件系统上的html文件。 这是我迄今为止所尝试的: location /this/some/url { alias /path/to/the/file.html } 当我运行这个redirect工作,但浏览器试图下载HTML文件。 相反,我期望它在浏览器中呈现html页面。