Nginx 反向代理使用 SSL - 403 错误

tag-icon tag-icon apache-2.2 ubuntu nginx reverse-proxy http-status-code-403
Nginx 反向代理使用 SSL - 403 错误

过去几天,我一直在尝试安装 Nginx 作为反向代理,但无法使其正常工作。每次我加载网站上的页面,甚至加载服务器上的文件时,它都会返回 403 禁止错误。

我一直在关注我在数字海洋,我已经完成了。(在文章的最后,有一张php信息页面显示已加载Apache 处理程序。 我的php信息页面也说了同样的话。

但无论我做什么,都无法消除 403 错误。

服务器规格:

操作系统:温布图

内存:512 MB

Nginx 配置文件

    server {

    ### server port and name ###
    listen          *:443;
    ssl             on;
    server_name     --Server Name--;


    #include global/common.conf;
    #include global/wordpress.conf;
    #include global/multisite.conf;


    ### SSL log files ###
    access_log      --Log Location--;
    error_log       --Log Location--;

    ### SSL cert files ###
    ssl_certificate      --Certificate File--;
    ssl_certificate_key  --Certificate Key File--;

    root /var/www/; 
    allow 127.0.0.1;
    deny all;
    index index.php index.html index.htm;

    server_name --Server Name--; 

    location / {
    try_files $uri $uri/ /index.php;
    }

    location ~ \.php$ {
    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_index index.php;
    include fastcgi_params;
    fastcgi_pass 127.0.0.1:9000;

    proxy_set_header X-Real-IP  $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Host $host;
    proxy_pass http://127.0.0.1:8080;

     }

     location ~ /\.ht {
                deny all;

    }
   }

Apache Ports.conf 文件

   # If you just change the port or add more ports here, you will likely       also
   # have to change the VirtualHost statement in
   # /etc/apache2/sites-enabled/000-default.conf


   #Listen 127.0.0.1:8080
   Listen *:8080
   #Listen 80

   <IfModule ssl_module>
    Listen 444
    #Didn't work on 443 with Nginx as a reverse proxy
   </IfModule>

   <IfModule mod_gnutls.c>
    Listen 444
    #Didn't work on 443 with Nginx as a reverse proxy
   </IfModule>

   # vim: syntax=apache ts=4 sw=4 sts=4 sr noet

Apache 配置文件

<VirtualHost *:8080>


DocumentRoot /var/www/

<Directory />
    Options FollowSymLinks
    AllowOverride All
</Directory>

<Directory /var/www/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride None
    Order allow,deny
    allow from all
</Directory>

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
    AllowOverride None
    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
    Order allow,deny
    Allow from all
</Directory>

ErrorLog ${APACHE_LOG_DIR}/error.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn

CustomLog ${APACHE_LOG_DIR}/access.log combined

Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
    Options Indexes MultiViews FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
    Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>

答案1

好的,一切看起来运行顺利。基本上,我更改了 Nginx 服务器块以将 SSL 请求转发到端口445,Apache 在该端口上运行 SSL。

Nginx 服务器块

    proxy_redirect          off;
    proxy_set_header X-Real-IP  $remote_addr;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    location / {
    proxy_pass https://127.0.0.1:445;

Apache 虚拟主机文件

    <VirtualHost *:445>

    (Apache Config options w/ SSL)

    </VirtualHost>

这篇文章让我走上了正确的道路。 多站点 Nginx 反向代理路由到 Apache

相关内容