nginx wordpress ssl 混合内容

tag-icon tag-icon nginx ssl wordpress
nginx wordpress ssl 混合内容

我有一个 wocommerce 网站,我正在尝试为其结帐页面设置 SSL 证书。该网站的 HTTP 版本是工作文件。在切换到 nginx 之前,apache 上的 SSL 运行良好。

以下是我的 nginx.config 文件

server {
            server_name mysite.co.uk www.mysite.co.uk;
            listen 81.4.121.xxx:443 ssl;

            ssl on;

            root /home/mysite/public_html;
            index index.html index.htm index.php;
            access_log /var/log/virtualmin/mysite.co.uk_access_log;
            error_log /var/log/virtualmin/mysite.co.uk_error_log;

            ssl_certificate /home/mysite/ssl.cert;
            ssl_certificate_key /home/mysite/ssl.key;

            location / {
                    try_files $uri $uri/ /index.php?$args;
            }

            #Pass all .php files onto a php-fpm/php-fcgi server.
            location ~ [^/]\.php(/|$) {
            fastcgi_split_path_info ^(.+?\.php)(/.*)$;
            if (!-f $document_root$fastcgi_script_name) {
                    return 404;
           }
                    include fastcgi.conf;
                    fastcgi_pass 127.0.0.1:9001;
            }


    }

server {
    server_name mysite.co.uk www.mysite.co.uk;
    listen 81.4.121.xxx;               #xxx is just to hide my IP
    root /home/mysite/public_html;
    index index.html index.htm index.php;
    access_log /var/log/virtualmin/mysite.co.uk_access_log;
    error_log /var/log/virtualmin/mysite.co.uk_error_log;
    fastcgi_param GATEWAY_INTERFACE CGI/1.1;
    fastcgi_param SERVER_SOFTWARE nginx;
    fastcgi_param QUERY_STRING $query_string;
    fastcgi_param REQUEST_METHOD $request_method;
    fastcgi_param CONTENT_TYPE $content_type;
    fastcgi_param CONTENT_LENGTH $content_length;
    fastcgi_param SCRIPT_FILENAME        /home/mysite/public_html$fastcgi_script_name;
    fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    fastcgi_param REQUEST_URI $request_uri;
    fastcgi_param DOCUMENT_URI $document_uri;
    fastcgi_param DOCUMENT_ROOT /home/mysite/public_html;
    fastcgi_param SERVER_PROTOCOL $server_protocol;
    fastcgi_param REMOTE_ADDR $remote_addr;
    fastcgi_param REMOTE_PORT $remote_port;
    fastcgi_param SERVER_ADDR $server_addr;
    fastcgi_param SERVER_PORT $server_port;
    fastcgi_param SERVER_NAME $server_name;
    fastcgi_param HTTPS $https;

# WP Super Cache rules.
# Designed to be included from a 'wordpress-ms-...' configuration file.

set $cache_uri $request_uri;

# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
        set $cache_uri 'null cache';
}

if ($query_string != "") {
        set $cache_uri 'null cache';
}   

# Don't cache uris containing the following segments
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
        set $cache_uri 'null cache';
}   

# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") {
        set $cache_uri 'null cache';
}

# Use cached or actual file if they exists, otherwise pass request to WordPress
location / {
        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args ;
}    

#Leverage browser caching
location ~*  \.(jpg|jpeg|png|gif|ico|css|js)$ {
        expires 365d;
    }location ~*  \.(pdf)$ {
        expires 30d;
} 


            # Pass all .php files onto a php-fpm/php-fcgi server.
            location ~ [^/]\.php(/|$) {
            fastcgi_split_path_info ^(.+?\.php)(/.*)$;
            if (!-f $document_root$fastcgi_script_name) {
                    return 404;
            }   
                    include fastcgi.conf;
                    fastcgi_pass 127.0.0.1:9001;
            }


}

所有带有查询字符串的 css 文件(即http://example.com/file.css?v1.23) 导致了问题。

大多数 jpg 文件也被强制从网站的非 SSL 版本获取。

以下是我在 chrome 控制台中看到的错误。 (索引):51 混合内容:页面位于'https://www.mysite.co.uk/“已通过 HTTPS 加载,但请求了不安全的样式表”http://www.mysite.co.uk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.4.1'。此请求已被阻止;内容必须通过 HTTPS 提供。

我不知道是什么导致了这个问题?如果有人能帮忙就太好了。

答案1

您需要将 Wordpress 网站完全迁移到 SSL,否则您将继续收到这些消息。Wordpress 和插件仅使用您在配置中设置的 URL,这就是混合协议消息的原因。只需从 http 重定向到 https

# Redirect all variations to https://www domain
server {
  listen 80;
  server_name example.com www.example.com;
  return 301 https://www.example.com$request_uri;
}

你的 SSL 配置看起来很奇怪。你说

server_name mysite.co.uk www.mysite.co.uk;
listen 81.4.121.xxx:443 ssl;
ssl on;

我会用

server_name mysite.co.uk www.mysite.co.uk;
listen 443 ssl http2; # NB http2 requires a recent version of nginx

# Set up preferred protocols and ciphers. TLS1.2 is required for HTTP/2
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;

# This is a cache for SSL connections
ssl_session_cache shared:SSL:2m;
ssl_session_timeout 60m;

答案2

我的 nginx 或 php-fpm 配置有问题。

我备份了 nginx.config 文件并重新安装了 nginx。然后我将 nginx 配置文件的备份版本重新应用于新安装,现在 SSL 运行正常。

相关内容