我有一个使用通配符子域名的服务器。我使用的是 nuxtjs、nginx,它在端口 3000 上的反向代理上运行。每个用户都应该能够在网站上创建一个子域名,例如,subdomain.learnbot.tk
这将指向learnbot.tk/school/{subdomain-name}
。每个用户都应该能够创建一个指向他们自己的 的 cname subdomain.learnbot.tk
。
但是,当我使用域名创建以主机为@
、以目标为的CNAME 记录时,它返回 404。subdomain.learnbot.tk
https://creatorbrandedsite.tk/
这是我的通配符子域名的配置文件:
server {
listen 80;
server_name *.learnbot.tk;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
#include snippets/ssl-example.com.conf;
#include snippets/ssl-params.conf;
ssl_certificate /etc/letsencrypt/live/learnbot.tk/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/learnbot.tk/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
root /home/subdomain/learnbot.tk/public/current;
index index.php index.html index.htm index.nginx-debian.html;
server_name *.learnbot.tk;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location /blog {
try_files $uri $uri/ /index.php$is_args$args;
}
# For Lets Encrypt certbot
location ~ /.well-known {
allow all;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
location /favicon.ico { alias /var/www/html/example/favicon.ico; }
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; allow all; }
}
主域名的 nuxtjs conf 文件
server {
index index.html;
server_name learnbot.tk www.learnbot.tk;
location / {
# WARNING: https in proxy_pass does NOT WORK!! I spent half a day debugging this.
#proxy_pass https://localhost:4001;
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
error_page 404 /custom_404.html;
location = /custom_404.html {
root /etc/nginx/sites-available/custom_nginx_error_pages;
internal;
}
listen [::]:443 ssl http2; # managed by Certbot, modified by Kunal to add http2
listen 443 ssl http2; # managed by Certbot, modified by Kunal to add http2
#Install SSL certificates and configure https:// on a per-domain-basis by running:
#sudo certbot --nginx
#(when prompted, be sure to select the option to set up redirects from http to https and effectively "disable" http)
ssl_certificate /etc/letsencrypt/live/learnbot.tk/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/learnbot.tk/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
server_name learnbot.tk;
if ($host = learnbot.tk) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
return 404; # managed by Certbot
}
答案1
当您请求时https://creatorbrandedsite.tk/
,会发生以下事件:
- 浏览器查询 DNS 信息
creatorbrandedsite.tk
- 它收到 CNAME 响应,并继续查找
subdomain.learnbot.tk
A 记录。 - 它连接到 的 IP 地址
subdomain.learnbot.tk
。 creatorbrandedsite.tk
它从你的 nginx 服务器请求域名。
然后,您的服务器的默认虚拟主机配置将对请求返回 404 未找到。
DNS CNAME 记录仅用于解析目标 IP 地址。它不用于选择浏览器实际连接的虚拟主机。
您需要重新考虑处理这个问题的方法。