我开发了一个Web应用程序,这个应用程序在Apache和Nginx(proxy_pass)上运行。 我的ADSL没问题,当我在移动网络(3G / 4G)上出现问题
我的应用程序运行良好但是当我尝试登录时,它失败了。
如果我将服务器配置为运行SSL(HTTPS),登录过程运行良好,那么我决定检查我的服务器配置,HTTP和HTTPS之间的情况相同。
另外,我检查HTTP Header并看到一个新的HTTP标头:
Via:1.0 proxy (proxy)
X-Cache:MISS from proxy
任何人都知道它是什么?为什么标题被添加,如果标题是问题?
Nginx配置:
server {
listen 80;
server_name *.example.com;
access_log off;
error_log off;
root $app_folder/www/;
location ~ /\. { deny all; }
location ~ ~$ { deny all; }
location ~ \.php$ { deny all; }
location ~ /(cart) {
rewrite ^ https://$http_host$request_uri? permanent;
}
location / {
set $var A;
if ($remote_addr != XXX.XXX.XXX.XXX) {
set $var "${var}B";
}
if ($var = AB) {
#return 503;
}
proxy_pass http://127.0.0.1:8080;
}
include /etc/nginx/proxy.conf;
location ~* .(js|css|png|jpeg)$ {
include /etc/nginx/includes/cdn-header-cache;
}
location ~ /svn {
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_min_length 1100;
gzip_buffers 64 8k;
gzip_proxied any;
gzip_types text/html text/plain text/xml application/xml application/xml+rss text/css text/javascript application/javascript application/json;
gzip_proxied expired no-cache no-store private auth;
gzip_disable msie6;
gzip_vary on;
}
location /nginx_status {
stub_status on;
access_log off;
allow XXX.XXX.XXX.XXX;
deny all;
}
error_page 500 502 504 /50x.html;
error_page 503 /work.html;
location = /work.html {
root /home/website;
}
}
proxy.conf文件
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 1024M;
client_body_buffer_size 1024M;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
cdn-header-cache file
expires 3M;
log_not_found off;
access_log off;
add_header Cache-Control public;
# don't send cookies
fastcgi_hide_header Set-Cookie;
# CORS config
set $cors "true";
# Determine the HTTP request method used
if ($request_method = 'OPTIONS') {
set $cors "${cors}options";
}
if ($request_method = 'GET') {
set $cors "${cors}get";
}
if ($request_method = 'POST') {
set $cors "${cors}post";
}
if ($cors = "true") {
# Catch all incase there's a request method we're not dealing with properly
add_header 'Access-Control-Allow-Origin' '*';
}
if ($cors = "trueget") {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
if ($cors = "trueoptions") {
add_header 'Access-Control-Allow-Origin' '*';
# Om nom nom cookies
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
# Custom headers and headers various browsers *should* be OK with but aren't
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
# Tell client that this pre-flight info is valid for 20 days
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($cors = "truepost") {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
Apache虚拟主机
<VirtualHost *:8080>
DocumentRoot "/home/website/www"
ServerAdmin postmaster@example.com
ServerName www.example.com
ServerAlias example.com
setenvIf Request_URI ".(jpg|jpeg|png|css|gif|ico|js)$" dontlog
CustomLog /var/log/apache2/example.com-access.log combined env=!dontlog
ErrorLog /var/log/apache2/example.com-error.log
<Directory /home/website/www/>
allow from all
Options +Indexes
</Directory>
</VirtualHost>
答案 0 :(得分:0)
您正在使用的Apache和Nginx配置可能有所帮助。