NGINX cookie免费域名设置问题

时间:2014-10-11 15:46:30

标签: css cookies nginx cookieless

这是我支持SSL的真实域名 - > https://www.wknet.se/
这是我的cookie免费域名 - > http://cdnwknet.com/

我希望我的真实网站看起来像这样 - >设置完成后,wknet.se /?style。

在我的真实网站的<head>我有这个 - &gt; <link rel="stylesheet" href="http://cdnwknet.com/wk-templates/css/bootstrap.3.2.0.min.css" media="all">。如您所见,我将静态css文件指向我的cookie free domain。

我的无cookie域的配置文件如下所示:

server {
   listen 80;
   listen [::]:80;
   server_name www.cdnwknet.com;

   return 301 http://cdnwknet.com$request_uri;
}

server {
   listen 80;
   server_name cdnwknet.com;

   root /var/www/cdnwknet.com/html;
   index index.php index.html index.htm;

   error_page 403 /error/403.html;
   error_page 404 /error/404.html;

   charset utf-8;

   if ( $request_uri ~ ^(/index\.php)$ ) {
      return 301 http://cdnwknet.com;
   }

   location / {
      try_files $uri $uri/ =404;
      expires max;
      add_header Pragma public;
      add_header Cache-Control "public, must-revalidate, proxy-revalidate";
      access_log off;
      log_not_found off;
      fastcgi_hide_header Set-Cookie;
      tcp_nodelay off;
      break;
   }

   location ~ \.php$ {
      try_files $uri =404;
      fastcgi_split_path_info ^(.+\.php)(/.+)$;
      fastcgi_pass unix:/var/run/php5-fpm.sock;
      fastcgi_index index.php;
      include fastcgi_params;
   }

  location = /error/403.html {
      root /var/www/cdnwknet.com/html;
      allow all;
  }

  location = /error/404.html {
      root /var/www/cdnwknet.com/html;
      allow all;
  }
}

在我的真实域名的DNS设置中,我添加了一个CNAME,如此图片显示---&gt; i.stack.imgur.com/y0BkE.jpg

我正在使用DigitalOcean,我的真实网站和无cookie域名在同一个Droplet(服务器)上。不含cookie的域名与我的真实域名具有相同的IP地址。

现在,我在这里缺少什么,我的无Cookie域名配置是否正确?

如果需要更改,我的真实域名配置如下:

server {
   listen 80 default_server;
   listen [::]:80 default_server ipv6only=on;
   server_name wknet.se www.wknet.se;

   add_header Strict-Transport-Security max-age=15768000;
   return 301 https://www.wknet.se$request_uri;
}

server {
   listen 443 ssl;
   server_name wknet.se;

   ssl_certificate /etc/nginx/ssl/SSL.crt;
   ssl_certificate_key /etc/nginx/ssl/KEY.key;

   ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
   ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
   ssl_prefer_server_ciphers on;

   return 301 https://www.wknet.se$request_uri;
 }

 server {
   listen 443 ssl;
   server_name www.wknet.se;

   root /var/www/wknet.se/html;
   index index.php index.html index.htm;

   ssl_certificate /etc/nginx/ssl/SSL.crt;
   ssl_certificate_key /etc/nginx/ssl/KEY.key;

   ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
   ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
   ssl_prefer_server_ciphers on;

   error_page 403 /error/403.html;
   error_page 404 /error/404.html;

   charset utf-8;

   if ( $request_uri ~ ^(/index\.php)$ ) {
      return 301 https://www.wknet.se;
   }

   location / {
      try_files $uri $uri/ =404;
   }

   location ~ \.php$ {
      try_files $uri =404;
      fastcgi_split_path_info ^(.+\.php)(/.+)$;
      fastcgi_pass unix:/var/run/php5-fpm.sock;
      fastcgi_index index.php;
      include fastcgi_params;
   }

   location ~ /\.ht {
      deny all;
   }

   location = /favicon.ico {
      log_not_found off;
      access_log off;
   }

   location = /robots.txt {
      allow all;
      log_not_found off;
      access_log off;
   }

   location ~ /\. { 
      deny all; 
      error_log off; 
      log_not_found off; 
   }

   location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
      log_not_found off;
      expires 365d;
      add_header Cache-Control "public, max-age=315360000";
   }

   location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|png|gif|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
      access_log off;
      log_not_found off;
      expires max;
      add_header Pragma public;
      add_header Cache-Control "public, must-revalidate, proxy-revalidate";
   }

   location ~* \.(7z|ai|class|css|csv|ejs|eps|flv|html?|jar|jpe?g|js|json|lzh|m4a|m4v|mov|mp3|pdf|pict|pls|ps|psd|swf|tiff?|txt|webp)$ {
      access_log off; 
      log_not_found off;
      expires max;
      add_header Pragma public;
      add_header Cache-Control "public, must-revalidate, proxy-revalidate";
   }

   location = /error/403.html {
      root /var/www/wknet.se/html;
      allow all;
   }

   location = /error/404.html {
      root /var/www/wknet.se/html;
      allow all;
   }
}

1 个答案:

答案 0 :(得分:0)

添加一个单独的子域,例如static.wknet.se

并添加:

server{
fastcgi_hide_header Set-Cookie;
}