我想将所有 HTTP 流量重定向到 HTTPS,但有一个例外。URL/preview/中的所有内容都应通过 HTTP 提供。
我已尝试以下配置,但它一直告诉我有一个重定向循环。
server {
listen 80;
server_name example.com;
root /var/www/html/example.com/public;
index index.php index.html;
location /preview {
try_files $uri $uri/ /index.php?$query_string;
}
location / {
# we are in http server, but want https for normal
# requests - redirect to https
return 301 https://$server_name$request_uri;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
# With php5-cgi alone:
#fastcgi_pass 127.0.0.1:9000;
# With php5-fpm:
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
server {
listen 443;
server_name example.com;
ssl on;
ssl_certificate /etc/nginx/ssl/cert_chain.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security max-age=31536000;
access_log /var/log/nginx/example.com/access.log;
error_log /var/log/nginx/example.com/error.log;
charset utf-8;
root /var/www/html/example.com/public;
index index.php index.html;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location /preview {
# we are in http server, but want https for normal
# requests - redirect to https
return 301 http://$server_name$request_uri;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
# With php5-cgi alone:
#fastcgi_pass 127.0.0.1:9000;
# With php5-fpm:
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
答案1
根据这个相关问题:
https://stackoverflow.com/questions/11493325/nginx-redirect-all-directories-except-one
您需要了解 nginx 处理位置块的顺序。这也让我很困惑,但看起来如果您在 :80 服务器块中交换“location /preview”和“location /”,您将获得所需的结果。
与此处(重复的问题)相同:
如果将预览位置设为正则表达式,则可能有助于强制处理顺序。
另请参阅:http://nginx.org/en/docs/http/request_processing.html
nginx 首先搜索由文字字符串给出的最具体的前缀位置,而不考虑列出的顺序。在上面的配置中,唯一的前缀位置是“/”,由于它与任何请求匹配,因此它将被用作最后的手段。然后 nginx 按照配置文件中列出的顺序检查由正则表达式给出的位置。第一个匹配的表达式将停止搜索,nginx 将使用此位置。如果没有正则表达式与请求匹配,则 nginx 将使用先前找到的最具体的前缀位置。
答案2
每次测试前尝试清理浏览器缓存。看起来你的配置有效。我使用以下链接进行了测试:
https:// example.com/preview/any.html -(301)-> http:// example.com/preview/any.html
http:// example.com/preview/any.html - no redirects
https:// example.com/any.html - no redirects
http:// example.com/any.html -(301)-> https:// example.com/any.html
https:// example.com/preview/any.php - no redirects
http:// example.com/preview/any.php - no redirects
https:// example.com/any.php - no redirects
http:// example.com/any.php - no redirects
一切配置完毕。请解释一下你从哪里得到这些循环。