我有一台运行 debian 8.11 和 apache 2.4.10 的服务器,配置为服务 2 个网站。一个是用 wordpress 构建的网站(example.com),另一个是用 NodeBB 构建的论坛(forum.example.com,完全没有问题)。
该网站应以 example.com 的形式提供,如下所示www.example.com,甚至输入 IP 地址。所有 http 请求都应重定向到 https。第一种和最后一种情况有效,但是当我输入www.example.com(使用 www,无论使用 http 还是 https 都没关系)我最终在浏览器中出现以下错误:
Error 543
The origin web server is not available
如果我打开 apache 日志,我会在 access.log 中找到以下内容:
"-" 408 137 "-" "-"
这是 HTTP 的 myvhost 文件:
<VirtualHost *:80>
DocumentRoot /var/www/wordpress
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/wordpress>
Options FollowSymLinks
AllowOverride All
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName forum.example.com
Redirect / https://forum.example.com/
</VirtualHost>
这是针对 HTTPS 的:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin [email protected]
DocumentRoot /var/www/wordpress
Redirect permanent /phpmyadmin https://example.com/phpmyadmin
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/wordpress>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/www_example_com.crt
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-comodo.key
SSLCertificateChainFile /etc/ssl/certs/COMODORSACertificateBundle.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
# SSL Protocol Adjustments:
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
</VirtualHost>
<VirtualHost *:443>
ServerName forum.example.com
ServerAdmin [email protected]
SSLEngine on
SSLCertificateFile /etc/ssl/certs/forum_example_com.crt
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-forum-comodo.key
SSLCertificateChainFile /etc/ssl/certs/COMODORSAForumCertificateBundle.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
RequestHeader set X-Forwarded-Proto "https"
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/socket.io [NC]
RewriteCond %{QUERY_STRING} transport=websocket [NC]
RewriteRule /(.*) ws://127.0.0.1:4567/$1 [P,L]
ProxyPass / http://127.0.0.1:4567/
ProxyPassReverse / http://127.0.0.1:4567/
ErrorDocument 503 http://status.example.com
</VirtualHost>
</IfModule>
...这是我在 wordpress 网站中使用的 htaccess:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://example.com/$1 [R,L]
</IfModule>
# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
我找到的所有关于 403 错误的资源都涵盖了不同的情况,所以我真的不知道该怎么做了。谢谢大家!