nginx 重定向过多(cloudflare 和 https)

tag-icon tag-icon nginx django cloudflare
nginx 重定向过多(cloudflare 和 https)

您好,感谢您的帮助。

我搜索过并发现了类似的问题,但不是我现在遇到的问题。当我尝试配置 nginx 来为我的应用程序提供服务时,我得到了“重定向次数过多”的错误信息。

这是 :80 服务器配置

server{
    listen 80;
    listen [::]:80;
    server_name app.domain.com;

    location /{         
        # This is an acceptable config: If request went trought http, 
        # redirect to https server
        if ($scheme = "http"){
            return 301 https://$host$request_uri;
        }

        # This is what i REALLY want: If request went trought http (this
        # server is listening port 80) and the user agent does not match,
        # then redirect to https, else show a specific html 
        #if ($http_user_agent !~* "SPECIFIC USER AGENT" ) {
        #   return 301 https://$host$request_uri;
        #}
        #if ($http_user_agent = "SPECIFIC USER AGENT" ) {
        #   return 301 https://app.domain.com/specific.html;
        #}
    }

    location /specific.html {
        root /home/htmls/;
        autoindex off;
    }


    # This is required for the acme challenge oof Let's encrypt
    location /.well-known/acme-challenge {
        alias /etc/letsencrypt/webrootauth/.well-known/acme-challenge;
    }

}

这是 https 服务器 :443

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name app.domain.com;

    access_log /var/log/nginx/app-access.log;
    error_log  /var/log/nginx/app-error.log;

    ssl on;
    ssl_certificate /etc/letsencrypt/live/app.domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/app.comain.com/privkey.pem;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    charset utf-8;

    location / {
        proxy_redirect off;
        proxy_http_version 1.1;
        proxy_read_timeout 90s;
        proxy_connect_timeout 90s;

        #proxy_set_header Host $http_host;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        proxy_pass http://127.0.0.1:8000;
    }
}

我已将我的网络服务器应用配置为添加 SSL 证书。该网站受 Cloudflare 保护(但针对此特定子域已禁用)。我正在使用 let's encrypt certbot。我的应用运行良好,我已多次更新证书,但最后一次出现了“重定向过多”问题。

我几乎尝试了所有方法,包括几种 cloudflare crypt 配置。我可以回答您提出的几乎所有问题。结果总是“重定向次数过多”,或者网站无法访问。

请帮帮我!这让我抓狂了:S

答案1

与其让所有服务器在域上进行重写,为什么不让 Cloudflare 使用其流量规则来执行此操作呢?简单重写 http://* -> https://*

显然,您可以根据需要自定义它,并添加您想要向用户显示的任何错误页面等 - 但在这里实现它要快得多,从而减少了访问原始服务器的流量。

相关内容