我最近将我的 Rails 应用程序从使用 HTTP 请求迁移到 HTTPS。
我的申请网址如下:
https://testmate.persistent.co.in
我已经在 nginx.conf 文件中设置了所有必需的配置
我的 nginx.conf 文件如下:
# start the http module where we config http access.
http {
...
server {
listen 443;
ssl on;
ssl_certificate certificate.pem;
ssl_certificate_key server.key;
ssl_protocols SSLv3;
proxy_set_header X-FORWARDED-PROTO https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_max_temp_file_size 0;
proxy_set_header X-Forwarded-Ssl on;
# doc root
root /var/www/TestMate/current/public/;
passenger_enabled on;
passenger_use_global_queue on;
rails_env production;
# vhost specific access log
access_log logs/production.access.log main;
client_max_body_size 10M;
if (-f $document_root/maintenance.html){
rewrite ^(.*)$ /maintenance.html last;
break;
}
location ~* ^.+\.(jpg|jpeg|flv|gif|css|png|js|ico|html|swf|favicon\.ico|robots\.txt)$ {
access_log off;
expires 365d;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
# port to listen on. Can also be set to an IP:PORT
listen 80;
# sets the domain[s] that this vhost server requests for
# doc root
root /var/www/TestMate/current/public/;
passenger_enabled on;
passenger_use_global_queue on;
rails_env production;
# vhost specific access log
access_log logs/production.access.log main;
client_max_body_size 10M;
if (-f $document_root/maintenance.html){
rewrite ^(.*)$ /maintenance.html last;
break;
}
location ~* ^.+\.(jpg|jpeg|flv|gif|css|png|js|ico|html|swf|favicon\.ico|robots\.txt)$ {
access_log off;
expires 365d;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
如果我访问上述 URL在内部网内一切正常。
但每当我尝试访问它时来自外部网络,它导致重定向请求的无限循环。
如果我完全删除端口 80 的服务器块,它就可以正常工作。但我的应用程序有些部分不需要 HTTPS 检查。
以下是我的 nginx production.access.log 文件输出中的循环:
15/Feb/2012:18:53:02 +05308.301 10.78.0.21 - - 302 "GET / HTTP/1.0" "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0.1) Gecko/20100101 Firefox/10.0.1" "http_x_forwarded_for" 100 "-"
以下是我的应用程序 production.log 文件输出,它也进入循环:
Started GET "/" for 66.249.6.106 at 2012-02-15 18:25:28 +0530
Processing by as */*
Redirected to https://testmate.persistent.co.in/
Completed 302 Found in 1ms
知道为什么会发生这种情况吗?
答案1
添加以下内容proxy_set_header X-Forwarded-Ssl on;
set $https_enabled on;
它可能会有帮助,帮我解决过一次类似的问题。