在Amazon Linux上的Apache上安装https和www重定向Rails Passenger和WordPress安装

Question

我希望http://www.example.com，http://example.com重定向到https://example.com。

https://example.com托管的应用程序是Rails Passenger应用程序。

我在/var/www/html/blog安装了一个WordPress，并且/blog已将/var/www/html/blog设为Mixed Content: The page at 'https://example.com/blog/' was loaded over HTTPS, but requested an insecure script 'http://xx.xx.xxx.xxx/blog/wp-includes/js/wp-emoji-release.min.js?ver=4.6.1'. This request has been blocked; the content must be served over HTTPS. e @ (index):23，以便https://example.com/blog运行WordPress博客。

然而，并非一切都按我的意愿运作：

现在：

1. http://www.example.com将https://example.com，这很好。
2. http://example.com不会https://example.com。
3. https://www.example.com不会https://example.com
4. https://example.com/blog在控制台中抛出异常，如下所示：/etc/httpd/conf/httpd.conf
5. http://example.com/blog运行正常，但我需要将其重定向到https://example.com/blog **
6. http://www.example.com/blog重定向到http://example.com/blog **

**第5和第6点，这可能是因为我已将WordPress网址设置为http://example.com。如果我将它设置为https://example.com，我会进入无限循环。

我可以获得有关如何修改apache配置的建议吗？

LoadModule passenger_module /usr/local/rvm/gems/ruby-2.3.3/gems/passenger-5.1.0/buildout/apache2/mod_passenger.so <IfModule mod_passenger.c> PassengerRoot /usr/local/rvm/gems/ruby-2.3.3/gems/passenger-5.1.0 PassengerDefaultRuby /usr/local/rvm/gems/ruby-2.3.3/wrappers/ruby </IfModule> <VirtualHost *:80> ProxyPreserveHost On # Tell Apache and Passenger where your app's 'public' directory is DocumentRoot /var/www/example/public # Redirect / https://example.com PassengerRuby /usr/local/rvm/gems/ruby-2.3.3/wrappers/ruby PassengerFriendlyErrorpages on # JkMount /tc* node1 # JkMount /intro* node1 # Relax Apache security settings <Directory /var/www/example/public> RailsEnv production Allow from all Options -MultiViews # Uncomment this if you're on Apache >= 2.4: # Require all granted RewriteEngine On RewriteBase / RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC] OR RewriteRule ^(.*)$ https://%1/$1 [R=301,L] </Directory> <Directory /var/www/html/blog> PassengerEnabled off # Makes Wordpress's .htaccess file work AllowOverride all </Directory> </VirtualHost> Alias /blog /var/www/html/blog Alias /.well-known/acme-challenge/ /var/www/example/.well-known/acme-challenge/ `

/etc/httpd/conf.d/ssl.conf

LoadModule ssl_module modules/mod_ssl.so Listen 443 SSLPassPhraseDialog builtin SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000) SSLSessionCacheTimeout 300 SSLMutex default SSLRandomSeed startup file:/dev/urandom 256 SSLRandomSeed connect builtin SSLCryptoDevice builtin <VirtualHost _default_:443> ErrorLog logs/ssl_error_log TransferLog logs/ssl_access_log LogLevel warn SSLProxyProtocol all -SSLv3 SSLEngine on SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem SSLProtocol All -SSLv2 -SSLv3 SSLHonorCipherOrder on SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS" <Files ~ "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </Files> <Directory "/var/www/cgi-bin"> SSLOptions +StdEnvVars </Directory> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" # to run in dev mode RailsEnv production # Be sure to point to 'public'! DocumentRoot /var/www/example/public # define server details ServerName example.com #ServerAlias www.example.com # rails needs the header for its own processing RequestHeader set X_FORWARDED_PROTO 'https' # this is just passing a proxy to a localhost server # ProxyRequests Off # ProxyPreserveHost On # <Proxy *> # Order deny,allow # Allow from all # </Proxy> # ProxyPass / http://localhost/ # ProxyPassReverse / http://localhost/ #<Directory /var/www/html/blog> # Options Indexes FollowSymLinks MultiViews # AllowOverride All # allow from all # Require all granted #</Directory> </VirtualHost>

unichr

Answer 1

我有以下工作将所有内容重定向到https://example.com，但我无法让https为/ blog工作：

httpd.conf

LoadModule passenger_module /usr/local/rvm/gems/ruby-2.3.3/gems/passenger-5.1.0/buildout/apache2/mod_passenger.so
<IfModule mod_passenger.c>
 PassengerRoot /usr/local/rvm/gems/ruby-2.3.3/gems/passenger-5.1.0
 PassengerDefaultRuby /usr/local/rvm/gems/ruby-2.3.3/wrappers/ruby
</IfModule>

<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    ProxyPreserveHost On
    # Tell Apache and Passenger where your app's 'public' directory is
    DocumentRoot /var/www/example/public

    PassengerRuby /usr/local/rvm/gems/ruby-2.3.3/wrappers/ruby
    PassengerFriendlyErrorpages on

    # Relax Apache security settings
    <Directory /var/www/example/public>
        RailsEnv production
        Allow from all
        Options -MultiViews
        # Uncomment this if you're on Apache >= 2.4:
        # Require all granted

        RewriteEngine On
        RewriteCond %{SERVER_NAME} =www.adintern.com
        RewriteRule  ^(.*)$        https://adintern.com/$1 [L,R=301]

        RewriteCond %{HTTPS} off
        RewriteRule (.*)           https://adintern.com/$1

        RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
        RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
    </Directory>

    <Directory /var/www/html/blog>
        PassengerEnabled off
        # Makes Wordpress's .htaccess file work
        AllowOverride all
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

Alias /blog /var/www/html/blog
Alias /.well-known/acme-challenge/ /var/www/example/.well-known/acme-challenge/

ssl.conf

LoadModule ssl_module modules/mod_ssl.so

Listen 443

SSLPassPhraseDialog  builtin

SSLSessionCache         shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout  300

SSLMutex default

SSLRandomSeed startup file:/dev/urandom  256
SSLRandomSeed connect builtin

SSLCryptoDevice builtin

<VirtualHost _default_:443>

ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn

SSLProxyProtocol all -SSLv3

SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/www.example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

# to run in dev mode
RailsEnv production

# Be sure to point to 'public'!
DocumentRoot /var/www/example/public

# define server details
ServerName example.com

# rails needs the header for its own processing
RequestHeader set X_FORWARDED_PROTO 'https'

# this is just passing a proxy to a localhost server
# ProxyRequests Off
# ProxyPreserveHost On
# <Proxy *>
# Order deny,allow
# Allow from all
# </Proxy>
# ProxyPass / http://localhost/
# ProxyPassReverse / http://localhost/

SSLCertificateChainFile /etc/letsencrypt/live/www.example.com/chain.pem

</VirtualHost>

对于WordPress，请将HOME和SITEURL设置为：

define('WP_HOME','https://example.com/blog');
define('WP_SITEURL','https://example.com/blog');