.png)
实际上我的 SSL 证书已过期且没有更新,所以有一段时间我希望我的网站能够重定向到 http 而不是 https。
Myconfig文件:
server {
listen 80 ;
listen [::]:80 default_server;
# SSL configuration
#
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/laravel/public;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
server_name aksout.com ;
ssl on;
ssl_certificate /etc/letsencrypt/live/aksout.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/aksout.com/privkey.pem;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?$query_string;
}
location /phpmyadmin {
alias /var/www/laravel/public/;
index index.php index.html index.htm;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# # With php7.0-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php7.0-fpm:
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
include fastcgi_params;
fastcgi_buffers 8 512k;
fastcgi_buffer_size 256k;
fastcgi_send_timeout 5m;
fastcgi_read_timeout 5m;
fastcgi_connect_timeout 5m;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
location ~ /.well-known {
allow all;}
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
server {
listen 80;
# listen [::]:80;
#
server_name aksout.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
return 301 http://aksout.com$request_uri;
}
答案1
首先,如果没有有效的 SSL 证书,您就无法重定向到 HTTP。用户浏览器将显示 SSL 警告,除非他们添加例外,否则他们永远无法通过 HTTPS 访问您的服务器。
不过,您可以为通过 HTTP 访问的人们提供服务。
在第一个服务器块中:
- 注释掉 listen 443 行
- 注释掉 SSL 证书内容
然后注释掉第二个服务器块,即原来的端口 80。
答案2
您不应该仅仅因为证书已过期就将 https 重定向到 http。您应该续订它,尤其是因为您的配置文件中已经包含了 letsencrypt 所需的一切。
运行以下命令应该可以使您的 https 再次正常工作。
certbot renew
如果出现任何错误,请按照这个简单的指南进行操作在 Debian 上(重新)安装 letsencrypt for nginx。
答案3
我刚刚删除了 443/HTTPS 的内容以及将流量重定向到它的其他块
server {
listen 80 ;
listen [::]:80 default_server;
server_name aksout.com ;
root /var/www/laravel/public;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?$query_string;
}
location /phpmyadmin {
alias /var/www/laravel/public/;
index index.php index.html index.htm;
}
# pass the PHP scripts to FastCGI server listening on socket
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
include fastcgi_params;
fastcgi_buffers 8 512k;
fastcgi_buffer_size 256k;
fastcgi_send_timeout 5m;
fastcgi_read_timeout 5m;
fastcgi_connect_timeout 5m;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
答案4
尝试 htaccess 重定向:
RewriteCond %{SERVER_PORT} 443 重写规则 ^/?$http://%{服务器名称}/ [R=301,L]