将 Laravel 和 Socket IO 部署到 Nginx

tag-icon tag-icon nginx socket laravel socket.io
将 Laravel 和 Socket IO 部署到 Nginx

我已经在 nginx 上使用 socket io 部署了我的 Laravel 项目

这是服务器规格:

NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"

这是我的配置文件:

server {
    listen       443 ssl;
    server_name  website.tld;
    proxy_pass_header Server;
    proxy_buffering off;
    server_tokens off;
    
    ssl_certificate      /etc/nginx/ssl/biz/ssl.crt;
    ssl_certificate_key  /etc/nginx/ssl/biz/ssl.key;

    ssl_session_cache shared:SSL:50m;
    ssl_session_timeout 5m;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options nosniff;
    proxy_cookie_path / "/; secure;";
    ssl_prefer_server_ciphers   on;
    server_name_in_redirect on;    
    proxy_buffer_size   128m;
    proxy_buffers   4 256m;
    proxy_busy_buffers_size   256m;



    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;
 
    root /home/laravel/public_html/public;
    index  index.php;

    # Requests for socket.io are passed on to Node on port 3000
    location /socket.io {
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto  https;
      proxy_set_header X-VerifiedViaNginx yes;
      proxy_set_header Host $http_host;
      proxy_set_header X-NginX-Proxy false;

      proxy_pass http://localhost:3000;
      proxy_redirect off;

      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
    }

    location / {
         try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$
    {
       # try_files $uri $uri/ /index.php?$args;
        try_files $uri /index.php$request_uri;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

但当访问https://网站:3000 浏览器上的输出:

此站点无法提供安全连接 website.tld 发送了无效响应。ERR_SSL_PROTOCOL_ERROR

我的配置有任何错误吗?

答案1

要加载您的网站,您无需指定端口号。只需指定端口号https://website.example即可。原因是您现在有 nginx 在端口 443(默认 https 端口)上为您的网站提供服务。但您尝试绕过 nginx 直接访问 socket.io 服务器(并使用 https,它不使用它)。当您删除端口号时,它将改为连接到端口 443 上的 nginx。

此外,为了安全起见,您应该确保您的 socket.io 服务器只监听本地主机上的连接,以便恶意用户无法绕过 nginx 并直接连接到它。

相关内容