在 HTTPS 上将根目录重定向到 www nginx

在 HTTPS 上将根目录重定向到 www nginx

当前状态如下:

尝试了多个配置,结果仍然相同。不确定这是否是配置字段中元素的顺序问题,还是我完全配置错误。

配置文件:

server {
    server_name www.example.com example.com 123.123.123.123;


    root /var/www/wdiu-new/web;
    location / {
        # try to serve file directly, fallback to app.php
        try_files $uri /app.php$is_args$args;
    }
    # DEV
    # This rule should only be placed on your development environment
    # In production, don't include this and don't deploy app_dev.php or config.php
    location ~ ^/(app_dev|config)\.php(/|$) {
        fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        include fastcgi_params;
        # When you are using symlinks to link the document root to the
        # current version of your application, you should pass the real
        # application path instead of the path to the symlink to PHP
        # FPM.
        # Otherwise, PHP's OPcache may not properly detect changes to
        # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
        # for more information).
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        fastcgi_param DOCUMENT_ROOT $realpath_root;
    }
    # PROD
    location ~ ^/app\.php(/|$) {
        fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        include fastcgi_params;
        # When you are using symlinks to link the document root to the
        # current version of your application, you should pass the real
        # application path instead of the path to the symlink to PHP
        # FPM.
        # Otherwise, PHP's OPcache may not properly detect changes to
        # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
        # for more information).
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        fastcgi_param DOCUMENT_ROOT $realpath_root;
        # Prevents URIs that include the front controller. This will 404:
        # http://domain.tld/app.php/some-path
        # Remove the internal directive to allow URIs like this
        internal;
    }

    # return 404 for all other php files not matching the front controller
    # this prevents access to other php files you don't want to be accessible.
    location ~ \.php$ {
        return 404;
    }

    error_log /var/log/nginx/project_error.log;
    access_log /var/log/nginx/project_access.log;
 # managed by Certbot

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/new.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/new.example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
    listen 80;
    server_name example.com;
    return 301 https://www.example.com$request_uri;
}


server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name example.com;

    ssl_certificate /etc/letsencrypt/live/new.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/new.example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    location / {
        return 301 https://www.example.com$request_uri;
    }
}


 server {

   if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    server_name www.example.com 123.123.123.123;
    listen 80;
    return 404; # managed by Certbot
}

答案1

server {
    server_name www.example.com example.com 123.123.123.123;

您的第一个服务器块正在处理 HTTPS 请求example.com

您应该删除该主机名,以便请求能够example.com传递到包含重定向的以下服务器块。

(事实上​​,也删除 IP 并将其移动到重定向主机,尽管如果您实际尝试使用,您可能会收到浏览器 SSL 警告https://<ip>

答案2

我想你希望这个区块 server { listen 80; server_name example.com; return 301 https://www.example.com$request_uri; } 重定向https://example.comhttps://www.example.com

但它不起作用,因为它只监听端口 80。

无论如何,您的服务器 {} 块中确实存在大量冗余。我建议您更好地组织这些冗余,否则您将继续遇到麻烦。

相关内容