我在使用托管网站时遇到问题。它在本地运行。但自从我添加了 SSL 证书后,我遇到了一个又一个问题。对于最新的这个问题,我似乎无法确定它来自哪里。我尝试从我的应用程序中完全删除服务工作线程,但问题仍然存在。控制台上的具体错误是:1:GEThttps://www.snagmysac.com/static/js/main.e3833e90.js404(未找到)2:脚本资源位于重定向之后,这是不允许的。3:无法加载资源:net::ERR_UNSAFE_REDIRECT
我在网上找不到很多引用这些错误的资源。
server {
listen 80;
server_name snagmysac.com www.snagmysac.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name snagmysac.com;
ssl_certificate /etc/letsencrypt/live/snagmysac.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/snagmysac.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
root /usr/share/nginx/html;
index index.html index.htm;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_next_upstream error timeout invalid_header http_500 http_502
http_503 http_504;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
对于托管服务器发生的情况有什么想法吗?
答案1
我尝试了几种不同的方法,终于解决了这个问题。我清除了缓存,这似乎解决了部分问题。但后来我注意到我的重定向没有正常工作,所以我通过条件返回重定向来修复重定向。
server {
listen 80;
listen 443 ssl http2;
server_name snagmysac.com www.snagmysac.com;
if ($scheme = "http") { # Only redirect if not using SSL
return 301 https://$server_name$request_uri;
}
ssl_certificate /etc/letsencrypt/live/snagmysac.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/snagmysac.com/privkey.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:AES256+EDH';
location / {
# THESE ARE IMPORTANT
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# This is what tells Connect that your session can be considered
secure,
# even though the protocol node.js sees is only HTTP:
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_read_timeout 5m;
proxy_connect_timeout 5m;
proxy_redirect off;
root /home/sitedir/;
proxy_pass http://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}