我有两个域名托管在同一台服务器上。在 DNS 记录中,我为两个域名都设置了通配符 (*) A 记录,它们都指向该服务器。
因此我希望xyz.domain1.com解决domain1.com
并xyz.domain2.com解决domain2.com。
但是目前除www子域名之外的所有内容domain2.com都重定向到domain1.com。
这两个域的 nginx 配置相同,所以我不明白是什么原因造成的。我的 nginx 配置如下:
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /dev/stdout main;
sendfile on;
keepalive_timeout 65;
# Listen for non-HTTPS requests and redirect them to HTTPS
server {
server_name www.domain1.com domain1.com;
return 301 https://domain1.com$request_uri;
}
# Listen for www requests with HTTPS and redirect them to non www site
server {
listen 443 ssl;
server_name www.domain1.com;
ssl_certificate /etc/letsencrypt/live/www.domain1.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.domain1.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
return 301 https://domain1.com$request_uri;
}
# Listen for non-www HTTPS requests and serve the app
server {
listen 443 ssl;
#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
server_name domain1.com api.domain1.com;
ssl_certificate /etc/letsencrypt/live/www.domain1.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.domain1.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location ^~ /.well-known/ {
root /usr/share/nginx/html;
allow all;
}
location / {
root /var/www/domain1;
}
}
# Listen for non-HTTPS requests and redirect them to HTTPS
server {
server_name www.domain2.com domain2.com;
return 301 https://domain2.com$request_uri;
}
# Listen for www requests with HTTPS and redirect them to non www site
server {
listen 443 ssl;
server_name www.domain2.com;
ssl_certificate /etc/letsencrypt/live/www.domain2.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.domain2.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
return 301 https://domain2.com$request_uri;
}
# Listen for non-www HTTPS requests and serve the app
server {
listen 443 ssl;
#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
server_name domain2.com;
ssl_certificate /etc/letsencrypt/live/www.domain2.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.domain2.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location ^~ /.well-known/ {
root /usr/share/nginx/html;
allow all;
}
location / {
root /var/www/domain2;
}
}
}
我如何才能保持域名分离,以便每个子域名重定向到正确的域名?
答案1
您必须为每个域添加一个通配符 server_name 条目,以选择要重定向到哪个域。否则,未知的 server_name 将被分派到第一个条目(在本例中,重定向到 domain1.com)。
添加*.domain2.com到行中server_name www.domain2.com,它应该正确分离 domain2.com 子域。