Apache 将 https:b-site 访问者定向到 https:a-site (b-site 没有 SSL)

tag-icon tag-icon ubuntu apache-2.4 https
Apache 将 https:b-site 访问者定向到 https:a-site (b-site 没有 SSL)

我的 Apache 系统遇到了问题。它是全新的,我也是。

我现在的问题是,如果有人访问https://123.446.689.0或者https://b-site.com,(没有任何 SSL),那么 a-site 会在 https 上切入吗?

连接怎么会这样跳转?(当然会出现警告,因为 SSL 是用于另一个域的)

我将在 b 站点上获取 SSL,但无法获取 IP 的 SSL。并且所有直接 IP 访问都应重定向到另一个站点。(当前为 000-default)

这些是我的配置文件;

站点.com.conf

<VirtualHost a-site.com:80>
ServerName a-site.com
DocumentRoot /var/www/a-site.com
    <Directory /var/www/a-site.com>
        Options FollowSymLinks
        AllowOverride Limit Options FileInfo
        DirectoryIndex index.html index.php
        Require all granted

    </Directory>
<Directory /var/www/a-site.com/wp-content>
        Options FollowSymLinks
        Require all granted

    </Directory>

ErrorLog ${APACHE_LOG_DIR}/a-site.error.log
CustomLog ${APACHE_LOG_DIR}/a-site.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =a-site.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

a-conf.com-le-ssl.conf

<IfModule mod_ssl.c>
<VirtualHost a-site.com:443>
    ServerName a-site.com
    ServerAdmin arga@localhost
    DocumentRoot /var/www/a-site.com
    ErrorLog ${APACHE_LOG_DIR}/a-site.error.log
    CustomLog ${APACHE_LOG_DIR}/a-site.access.log combined


SSLCertificateFile /etc/letsencrypt/live/a-site.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/a-site.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
Header always set Strict-Transport-Security "max-age=31536000"
</VirtualHost>
</IfModule>

000-默认.conf

<VirtualHost 123.456.789.0:80>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/00
        ErrorLog ${APACHE_LOG_DIR}/catchall.error.log
        CustomLog ${APACHE_LOG_DIR}/catchall.access.log combined

</VirtualHost>

b-站点.com.conf

<VirtualHost b-site.com:80>
ServerName b-site.com
DocumentRoot /var/www/b-site.com
    <Directory /var/www/b-site.com>
        Options FollowSymLinks
        AllowOverride Limit Options FileInfo
        DirectoryIndex index.html index.php
        Require all granted

    </Directory>
<Directory /var/www/b-site.com/wp-content>
        Options FollowSymLinks
        Require all granted

    </Directory>

ErrorLog ${APACHE_LOG_DIR}/b-site.error.log
CustomLog ${APACHE_LOG_DIR}/b-site.log combined

</VirtualHost>

000-默认-ssl.conf

<IfModule mod_ssl.c>
  
 <VirtualHost _default_:443>
            ServerAdmin webmaster@localhost
            DocumentRoot /var/www/00
            
            ErrorLog ${APACHE_LOG_DIR}/napto.def.error.log
            CustomLog ${APACHE_LOG_DIR}/napto.def.access.log combined
            SSLEngine on

            SSLCertificateFile      /etc/ssl/certs/ssl-cert-snakeoil.pem
            SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
            <FilesMatch "\.(cgi|shtml|phtml|php)$">
                            SSLOptions +StdEnvVars
            </FilesMatch>
            <Directory /usr/lib/cgi-bin>
                            SSLOptions +StdEnvVars
            </Directory>             
        </VirtualHost>
</IfModule>

答案1

您仅a-site.com:443 VirtualHost定义了端口 443(https),因此 Apache 仅显示它能找到的站点。

您需要以与 中相同的方式VirtualHost在端口 443 上定义默认端口(或检查是否有并启用它)。您仍然需要为默认主机提供 TLS/SSL 证书,但您可以创建自签名证书。基于 Debian 的系统已经为您生成了一个证书。<VirtualHost _default_:443>000-default.confdefault-ssl.conf/etc/ssl/certs/ssl-cert-snakeoil.pem

相关内容