Nginx 服务器阻止不重定向

Nginx 服务器阻止不重定向

我正在做一个项目https://modernamedia.no/ 我正在尝试做很多事情

最后一个可以工作。但是前两个不起作用。你可以自己测试一下,方法是:https://www.modernamedia.no/

我也很难通过 API 调用访问我的本地主机,但这可能是与代码相关的问题。

https://stackoverflow.com/questions/71374284/angular-api-request-to-net-5-api-neterr-connection-refuse

配置文件

server {
    if ($host = www.modernamedia.no) {
        return 301 https://modernamedia.no$request_uri;
    } # managed by Certbot

    if ($host = modernamedia.no) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    # Redirect to the correct place, if needed
    set $https_redirect 0;
    if ($server_port = 80) { set $https_redirect 1; }
    if ($host ~ '^www\.') { set $https_redirect 1; }
    if ($https_redirect = 1) {
        return 301 https://modernamedia.no$request_uri;
    }

    listen 80;
    server_name modernamedia.no;
    return 404; # managed by Certbot
}


server {
    listen [::]:443 ssl http2 ipv6only=on;
    listen 443 ssl http2; # managed by Certbot
    server_name modernamedia.no;
    location / {
        proxy_pass http://localhost:4000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
    ssl_certificate /etc/letsencrypt/live/modernamedia.no/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/modernamedia.no/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    # ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}


server {
    listen   80;
    server_name  www.modernamedia.no;

    return 301 https://modernamedia.no$request_uri;
}

server {
    listen        81;
    server_name   api.modernamedia.no;
    root /var/www/ModernaMedia/DotNet;
    location / {
        proxy_pass         http://localhost:5000;
        proxy_http_version 1.1;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection keep-alive;
        proxy_set_header   Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
    }
}


站点可用/默认

server {
    listen        81;
    server_name   api.modernamedia.no;
    root /var/www/ModernaMedia/DotNet;
    location / {
        proxy_pass         http://localhost:5000;
        proxy_http_version 1.1;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection keep-alive;
        proxy_set_header   Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
    }
}

modernamedia.service

[Unit]
Description=ModernaMedia Net5 service
[Service]
WorkingDirectory=/var/www/ModernaMedia/DotNet
ExecStart=/usr/bin/dotnet /var/www/ModernaMedia/DotNet/ModernaMediaDotNet.dll
Restart=always
# Restart service after 10 seconds if the dotnet service crashes:
RestartSec=10
KillSignal=SIGINT
SyslogIdentifier=ModernaMedia-dotnet
User=www-data
Environment=ASPNETCORE_ENVIRONMENT=Production
Environment=DOTNET_PRINT_TELEMETRY_MESSAGE=false
[Install]
WantedBy=multi-user.target

我可以通过 curl 访问我的 .NET 服务器

答案1

您应该确保 Certbot 不会触碰您的 nginx 配置文件。它使用一种有问题且脆弱的方法来配置事物。

请改用以下方法:

# Redirect HTTP requests to HTTPS
server {
    listen 80;
    server_name modernamedia.no www.modernamedia.no;

    # Allow serving of Letsencrypt HTTP auth challenges

    location /.well-known {
        try_files $uri $uri/ =404;
    }

    # Do redirect to https
    location / {
        return 301 https://modernamedia.no$request_uri;
    }
}

# Redirect https://www.modernamedia.no to https://modernamedia.no
server {
    listen 443 ssl http2;
    server_name www.modernamedia.no;

    ssl_certificate /path/to/ssl_cert;
    ssl_certificate_key /path/to/ssl_key;

    return 301 https://modernamedia.no$request_uri;
}

# https://modernamedia.no
server {
    listen 443 ssl http2;
    server_name modernamedia.no;

    ssl_certificate /path/to/ssl_cert;
    ssl_certificate_key /path/to/ssl_key;

    # Actual web site configuration here
}

相关内容