Nginx 和 https 重定向

Nginx 和 https 重定向

我尝试重定向http://www& http:// 在 https:// 上,但我有一个重定向循环,你知道为什么吗?当我只输入 server_name www.mywebsite.lol 时,https 重定向是没问题的……

我试过

server {
    server_name     mywebsite.lol;
    rewrite ^(.*)   https://mywebsite.lol$1 permanent;
}

server {
    server_name     mywebsite.lol;
    return          301 https://$server_name$request_uri;
}

我的完整配置

server {
# Port
listen 80;

# Hostname
server_name mywebsite.lol;

# Logs (acces et erreurs)
access_log /var/log/nginx/mywebsite.lol.access.log;
error_log /var/log/nginx/mywebsite.lol.error.log;

# Repertoire
root /home/mywebsite/www;

# Fichier a executer par defaut (en ordre)
index index.html index.php;

pagespeed off;

# Needs to exist and be writable by nginx.  Use tmpfs for best performance.
pagespeed FileCachePath /var/lightpics_ngx_pagespeed_cache;

# Ensure requests for pagespeed optimized resources go to the pagespeed handler
# and no extraneous headers get set.
location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
  add_header "" "";
}
location ~ "^/pagespeed_static/" { }
location ~ "^/ngx_pagespeed_beacon$" { }
pagespeed DisableFilters remove_comments;

#Expire Header
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off; log_not_found off; expires max;
}

location / {
    try_files $uri $uri/ /index.php?$query_string;
}

# pass the PHP scripts to FastCGI server listening on the php-fpm socket
location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;

}

# Refuse accès httaccess
location ~ /\. {
    deny all;
}

}

答案1

执行 Nginx 重定向的正确方法是使用 HTTP 301,而不是重写。请参阅这里

至于您的服务器设置,请参阅下面的设置。我在端口 80 上定义服务器名称,然后重定向到端口 443 上的 HTTPS。所有内容(SSL 设置、根、索引等...)都应用于此 HTTPS 服务器块下。

server {
        listen 80 default_server;                       #Listen on IPv4
        listen [::]:80;                                 #Listen on IPv6
        server_name loganmarchione.com;
        return 301 https://$host$request_uri;           #Redirect HTTP to HTTPS
}

server {
        listen 443 ssl spdy;                            #Listen on IPv4
        listen [::]:443 ssl spdy;                       #Listen on IPv6

        ssl_certificate /etc/nginx/ssl/unified2.crt;
        ssl_certificate_key /etc/nginx/ssl/my-private-decrypted.key;

        ...

答案2

您之所以会遇到重定向循环,是因为同一个“服务器”指令正在响应 http(端口 80)和 https(端口 443)的请求

您希望为 http 和 https 设置单独的“服务器”块 - http 块应该仅重定向到 https,而 https 块应该包含您的主配置,即“root”等。

server {
  listen 80;
  server_name mywebsite.lol;
  rewrite ^(.*) https://mywebsite.lol$1 permanent;
}

server {
  listen 0.0.0.0:443 ssl;
  server_name mywebsite.lol;

  ssl_certificate      /etc/pki/tls/certs/mywebsite.lol.crt;
  ssl_certificate_key  /etc/pki/tls/certs/mywebsite.lol.key;

  # Repertoire
  root /home/mywebsite/www;

  ...

}

相关内容