NGINX 反向代理混合内容可能是配置错误

tag-icon tag-icon nginx reverse-proxy
NGINX 反向代理混合内容可能是配置错误

我在用着服务器 A(NGINX 作为 WordPress 的 Web 服务器)服务器 B(NGINX 作为反向代理)并在使用 Certbot 从 Let's Encrypt 获取 SSL 证书后服务器 B我收到

Mixed Content: The page at 'https://example.net/' was loaded over 
 HTTPS, but requested an insecure script 
'http://xx.xx.xx.xx/wp-includes/js/wp-emoji-release.min.js?ver=5.8'. 
This request has been blocked; the content must be served over HTTPS.

并且页面加载时没有任何 JPG 或 CSS。
服务器 A 配置

server {
            listen 80;
            root /var/www/wordpress;
            index index.php index.html;

            access_log /var/log/nginx/example.access.log;
            error_log /var/log/nginx/example.error.log;

            location / {
                        try_files $uri $uri/ =404;
            }

            location ~ \.php$ {
                         include snippets/fastcgi-php.conf;
                         fastcgi_pass unix:/run/php/php7.4-fpm.sock;
            }

            location ~ /\.ht {
                         deny all;
            }

            location = /favicon.ico {
                         log_not_found off;
                         access_log off;
            }

            location = /robots.txt {
                         allow all;
                         log_not_found off;
                         access_log off;
           }

            location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                         expires max;
                         log_not_found off;
           }

            location /wp-admin/ {
                index index.php
            try_files $uri $uri /index.php?$args;
    }
}

服务器 B 配置

server {
    if ($host = example.net) {
        return 301 https://example.net$request_uri;
    }

    if ($host = www.example.net) {
        return 301 https://example.net$request_uri;
    }

   server_name example.net www.example.net;
    listen 80;
    return 404;

}
server {
        listen 0.0.0.0:443 ssl http2;

        server_name example.net www.example.net;

         ssl_certificate      /etc/letsencrypt/live/example.net/fullchain.pem;
         ssl_certificate_key  /etc/letsencrypt/live/example.net/privkey.pem;

        location ~ /.well-known/acme-challenge {
                allow all;
        }

    location / {

    proxy_pass            http://xx.xx.xx.xx/;
    proxy_read_timeout    90;
    proxy_connect_timeout 90;
    proxy_redirect        off;
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Server $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $host;
    proxy_ssl_server_name on;

    }
}

服务器 A托管于 WordPress。有人能帮我吗,因为我的配置文件可能乱了……提前谢谢了。

解决方案:在 Nginx cfg 中添加:

add_header 'Content-Security-Policy' 'upgrade-insecure-requests';

在 WordPress 中也更改了 WordPress 地址(URL)和站点地址(URL)。

相关内容