lighttpd http to https

Time: 2014-01-29 11:09:17

Tags: configuration https lighttpd

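I want to redirect subdomains to https (when the request arrives over http), but not all of them. I'm using FuelPHP, and I'm cleaning up the URLs so that index.php is not visible. I wrote this configuration, but it doesn't work as expected. HTTPS requests work, but when a request uses HTTP, the server fails to send a response.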

    $HTTP["host"] !~ "^(demo|faq|help|forums|mail|www)\.(domain\.com)$" {
        $HTTP["host"] =~ "^(.+\.)?(domain\.com)$" {
            $SERVER["socket"] == ":80" {
                url.redirect = ( "^/(.*)" => "https://%1/$1" )
            }
            $SERVER["socket"] == ":443" {
                ssl.engine = "enable"
                ssl.pemfile = "/etc/lighttpd/certs/domain.com.pem"
            }
            server.document-root = "/home/domain/beta/public"
            server.errorlog = "/var/log/lighttpd/domain/beta/error.log"
            accesslog.filename = "/var/log/lighttpd/domain/beta/access.log"

            setenv.add-environment = ("FUEL_ENV" => "production")

            url.rewrite-once = (
                "/(.*)\.(.*)" => "$0",
                "/(js|ico|gif|jpg|png|swf|css|html)/" => "$0",
                "^/([^.]+)$" => "/index.php/$1")

            server.error-handler-404 = "/index.php"
        }
    }

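I have specific configurations for some subdomains (demo, faq, ...), which are filtered out at the start. All unfiltered subdomains are managed dynamically by the application, so they must remain accessible, but only over SSL.

1 Answer:

Answer 0 (score: 2):

I can't see all of your configuration, so I can't be sure whether this will solve your problem.

Lighttpd should listen on port 80 by default, so I didn't specify it.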

    # Ssl config shouldn't be in a conditional
    $SERVER["socket"] == ":443" {
        ssl.engine = "enable"
        ssl.pemfile = "/etc/lighttpd/certs/domain.com.pem"
    }

    $HTTP["host"] !~ "^(demo|faq|help|forums|mail|www)\.(domain\.com)$" {
        $HTTP["host"] =~ "^(.+\.)?(domain\.com)$" {
            # Use the doc specified method of detecting http
            $HTTP["scheme"] == "http" {
                # capture vhost name with regex conditional -> %0 in redirect pattern
                # must be the most inner block to the redirect rule
                $HTTP["host"] =~ ".*" {
                    url.redirect = (".*" => "https://%0$0")
                }
            }
            ....
        }
    }
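The following is an added example, not part of the original answer: a small Python model of the host and scheme conditions in the configuration above, useful for checking which hosts would be redirected and to what `Location` before deploying. It assumes the substitution semantics stated in the answer's comments (`%0` is the whole match of the innermost host conditional, `$0` the whole URL match); `redirect_target` and `CASES` are hypothetical names, and the sample requests are constructed.

```python
import re

# Patterns copied from the configuration in the answer above.
EXCLUDED = re.compile(r"^(demo|faq|help|forums|mail|www)\.(domain\.com)$")
IN_DOMAIN = re.compile(r"^(.+\.)?(domain\.com)$")
HOST_CAPTURE = re.compile(r".*")   # innermost $HTTP["host"] =~ ".*"
URL_PATTERN = re.compile(r".*")    # key of url.redirect
TARGET = "https://%0$0"            # value of url.redirect


def redirect_target(scheme, host, uri):
    """Return the Location the modelled rules produce, or None if no redirect."""
    if EXCLUDED.search(host):        # $HTTP["host"] !~ "...": statically configured vhosts
        return None
    if not IN_DOMAIN.search(host):   # $HTTP["host"] =~ "...": only domain.com and subdomains
        return None
    if scheme != "http":             # $HTTP["scheme"] == "http"
        return None
    host_m = HOST_CAPTURE.search(host)
    url_m = URL_PATTERN.search(uri)
    if host_m is None or url_m is None:
        return None
    # Assumed semantics: %0 = host match, $0 = URL match, substituted in one pass
    # so that text inside the host or URL is never re-expanded.
    fill = {"%0": host_m.group(0), "$0": url_m.group(0)}
    return re.sub(r"[%$]0", lambda m: fill[m.group(0)], TARGET)


# Constructed sample requests: (scheme, Host header, request URI).
CASES = [
    ("http", "beta.domain.com", "/users/list?page=2"),
    ("http", "domain.com", "/"),
    ("http", "demo.domain.com", "/"),       # excluded subdomain
    ("https", "beta.domain.com", "/"),      # already on TLS
    ("http", "notdomain.com", "/"),         # no dot before domain.com
    ("http", "example.org", "/"),
]

if __name__ == "__main__":
    for scheme, host, uri in CASES:
        print(f"{scheme}://{host}{uri} -> {redirect_target(scheme, host, uri)}")
```

The model covers only the redirect decision; the rewrite rules, the socket block and the parts elided with `....` are outside it.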