Nginx 不通过 HTTPS 提供静态文件

tag-icon tag-icon apache-2.2 nginx ssl reverse-proxy
Nginx 不通过 HTTPS 提供静态文件

我正在尝试在 Apache 前面设置 Nginx 作为反向代理并提供静态文件。我将 301 http 转换为 https,并在 https 部分提供指令以通过别名提供静态文件夹。但是,出于某种奇怪的原因,文件通过 http 提供。

这是我的 Nginx 网站配置:

    server {
            listen   80; 
            listen   [::]:80;
            access_log off;
            server_name site.com www.site.com;
            return 301 https://$server_name$request_uri;

        }

    server {
            listen   443;
            ssl on;

            ssl_certificate /usr/local/sslcert/my.crt;
            ssl_certificate_key /usr/local/sslcert/my.key;

            access_log off;
            server_name site.com www.site.com;


            location /public/ {
            alias /var/www/public/;
            expires max;
            add_header Pragma public;
            add_header Cache-Control "public";
            }


            location / {

            root /var/www/;
            index index.php

            client_max_body_size    10m;
            client_body_buffer_size 128k;

            proxy_send_timeout   90;
            proxy_read_timeout   90;
            proxy_buffer_size    128k;
            proxy_buffers     4 256k;
            proxy_busy_buffers_size 256k;
            proxy_temp_file_write_size 256k;
            proxy_connect_timeout 30s;

            proxy_redirect  off;

            proxy_pass   http://127.0.0.1:3333/;

            proxy_set_header   Host   $host;
            proxy_set_header   X-Real-IP  $remote_addr;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            }



            location /push {
            root /var/www/;
            rewrite /push(.*) /$1 break;
            proxy_pass https://127.0.0.1:8332/push/;
            proxy_redirect off;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            }

             location ~ /\.ht {
                    deny all;
            }
    }

我错过了什么?

答案1

所以问题实际上出在 Zend Framework Ba​​seUrl 设置上。我已将其删除,现在一切正常。

答案2

这可能不是问题的真正原因,但无论如何它都会造成困难。

您正在使用root内部位置块,但通常效果不太好。

尝试以下配置:

server {
        listen   80; 
        listen   [::]:80;
        access_log off;
        server_name site.com www.site.com;
        return 301 https://$server_name$request_uri;
}

server {
        listen 443 ssl;
        listen [::]:443 ssl;

        ssl_certificate /usr/local/sslcert/my.crt;
        ssl_certificate_key /usr/local/sslcert/my.key;

        access_log off;
        server_name site.com www.site.com;

        root /var/www;

        location /public/ {
            expires max;
            add_header Pragma public;
            add_header Cache-Control "public";
        }

        location / {
            index index.php

            client_max_body_size    10m;
            client_body_buffer_size 128k;

            proxy_send_timeout   90;
            proxy_read_timeout   90;
            proxy_buffer_size    128k;
            proxy_buffers     4 256k;
            proxy_busy_buffers_size 256k;
            proxy_temp_file_write_size 256k;
            proxy_connect_timeout 30s;

            proxy_redirect  off;

            proxy_pass   http://127.0.0.1:3333/;

            proxy_set_header   Host   $host;
            proxy_set_header   X-Real-IP  $remote_addr;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        }

        location /push {
            rewrite ^/push(.*) /$1 break;
            proxy_pass https://127.0.0.1:8332/push/;
            proxy_redirect off;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

         location ~ /\.ht {
                deny all;
        }
}

变化:

  • 将 SSL 定义移至 listen 行
  • 将 IPv6 添加到 SSL 部分
  • root指令移至服务器级别
  • 从位置块中删除了不需要的alias定义root,服务器级别root指令涵盖了这些
  • ^在推送规则中添加了行首rewrite

相关内容