Nginx在URI上反向代理到Wordpress

时间:2015-03-03 01:27:42

标签: wordpress symfony redirect nginx reverse-proxy

我在nginx服务器上运行了一个Symfony 2.5.X应用程序。我将其称为 domain.com

该服务器中的/ news URI被配置为远程计算机的反向代理,我再次在nginx服务器上运行Wordpress博客。我将其称为 blog.domain.com

domain.com 的配置如下:

server {
  listen 80;
  server_name domain.com;

  set $project_path /home/webserver/prod.domain.com;
  root $project_path/web;

  error_log /home/webserver/prod.domain.com/app/logs/nginx_error.log;
  access_log /home/webserver/prod.domain.com/app/logs/nginx_access.log;

  charset utf-8;
  client_max_body_size 65m;

  # Some extra speed
  open_file_cache max=1000 inactive=20s;
  open_file_cache_valid 30s;
  open_file_cache_min_uses 2;
  open_file_cache_errors on;

  # Reverse-proxy all /news calls to remote machine
  location ~ /news?(.*) {

    access_log off;

    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
    proxy_set_header        Host                    blog.domain.com;  # without it it doesn't work
    #proxy_set_header        Host                    $http_host;
    proxy_set_header        X-Real-IP               $remote_addr;
    proxy_set_header        X-Forwarded-For         $proxy_add_x_forwarded_for;
    proxy_set_header        X-Forwarded-Proto       http;
    proxy_set_header        X-Custom-Secret         6ffe3dba7213c678324a101827aa3cf22c;

    proxy_redirect          off;
    proxy_buffering         off;
    #proxy_intercept_errors  on;

    proxy_pass http://blog.domain.com:80;
    break;
  }
  # Default URLs
  location / {
    try_files $uri /app.php$is_args$args;
  }

  # Error pages (static)
  #error_page 403                 /errorpages/403.html;
  error_page 404                  /errorpages/404.html;
  #error_page 405                 /errorpages/405.html;
  error_page 500 501 502 503 504  /errorpages/5xx.html;

  # Don't log garbage, add some browser caching
  location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
    access_log off;
    log_not_found off;
    expires max;
    add_header Pragma "public";
    add_header Cache-Control "public, must-revalidate, proxy-revalidate";
    try_files $uri /app.php?$query_string;
  }
  location ~* ^.+\.(css|js)$ {
    expires modified +1m;
    add_header Pragma "private";
    add_header Cache-Control "private";
    etag on;
    try_files $uri /app.php?$query_string;
  }
  location = /robots.txt {
    allow all;
    access_log off;
    log_not_found off;
  }

  # Disallow .htaccess, .htpasswd and .git
  location ~ /\.(ht|git) {
    deny all;
  }

  # Parse PHP
  location ~ ^/(app|app_dev|config)\.php(/|$) {
    include                 fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    fastcgi_param           SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param           HTTPS           off;
    fastcgi_pass            php;
  }
}

blog.domain.com 的配置如下:

server {
  listen 80;
  server_name blog.domain.com;

  root  /home/webserver-blog/news;

  access_log    /home/webserver-blog/logs/http_access.log;
  error_log     /home/webserver-blog/logs/http_error.log;

  charset utf-8;
  client_max_body_size 65m;

  # Some extra speed
  open_file_cache max=1000 inactive=20s;
  open_file_cache_valid 30s;
  open_file_cache_min_uses 2;
  open_file_cache_errors on;

  # Default URLs
  location / {
    # This never gets parsed as / is reserved for our main server
  }
  location ~* ^/news/(wp-content|wp-admin) {  # without this directive I didn't have any static files
    root /home/webserver-topblog/;
  }
  location ~* ^/news {
    try_files $uri $uri/ /index.php?args;
  }

  # Don't log garbage
  location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
    access_log off;
    log_not_found off;
    expires max;
  }
  location = /robots.txt {
    allow all;
    access_log off;
    log_not_found off;
  }

  # Disallow .htaccess or .htpasswd
  location ~ /\.ht {
    deny all;
  }

  # Disallow logs
  location ~ ^/logs/.*\.(log|txt)$ {
    deny all;
  }

  # Parse PHP
  location ~ \.php$ {
      #if (!-e $request_filename) { rewrite / /index.php last; }
      try_files $uri =404;

      include        fastcgi_params;
      fastcgi_index  index.php;
      fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
      fastcgi_pass   php;
  }
}

正如您所知,我的Wordpress位于/home/webserver-blog/news/。我在Wordpress中稍微修改了index.php文件,用于检查X-Custom-Secret标头,如果它不存在(或无效),则会强制301重定向到 domain.com/news /

现在我尝试了几种不同的方法让它正常运行。

  • 首先(也是最明显的)将 blog.domain.com root指向/home/webserver-blog/,并允许nginx自然地将请求URI传递给子目录,/news。这非常有效,但它不允许我使用Wordpress的永久链接,只是使用查询字符串。如果您在没有尾随斜杠的情况下调用/news,那么它产生的其他奇怪行为实际上是在HTTP重定向中暴露 blog.domain.com 。我的自定义index.php可以快速处理这些重定向,但我仍然想避免完全暴露 blog.domain.com
  • 第二种(当前非常流行的)方法再次将 blog.domain.com root直接指向Wordpress的目录/home/webserver-blog/news/并欺骗所有对具有location ~* ^/news/(wp-content|wp-admin)指令的静态文件的请求指向它的根目录一个levelel。这适用于固定链接和静态文件,但同样 - /news/wp-login.php为我提供了无限重定向到本身/news/wp-admin/实际上下载了index.php文件而不是解析它(发送它为application/octet-stream

我完全没有想法......非常感谢任何帮助。

1 个答案:

答案 0 :(得分:1)

我认为我设法提出了一个解决方案。远非完美或干净,但......好吧,它有效。

blog.domain.com 的配置:

server {
  listen 80;
  server_name blog.domain.com;

  root  /home/webserver-blog;

  access_log    /home/webserver-blog/logs/http_access.log;
  error_log     /home/webserver-blog/logs/http_error.log;

  charset utf-8;
  client_max_body_size 65m;

  # Some extra speed
  open_file_cache max=1000 inactive=20s;
  open_file_cache_valid 30s;
  open_file_cache_min_uses 2;
  open_file_cache_errors on;

  # Default URLs
  location ~* ^/news$ {
    rewrite ^ $scheme://domain.com/news/ permanent;   # ** HARDCODED production url
    break;
  }
  location / {
    try_files $uri $uri/ @redir;
  }
  location @redir {
    rewrite ^/news/(.*)$ /news/index.php?$1 last;
  }

  # Don't log garbage
  location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
    access_log off;
    log_not_found off;
    expires max;
  }
  location = /robots.txt {
    allow all;
    access_log off;
    log_not_found off;
  }

  # Disallow .htaccess or .htpasswd
  location ~ /\.ht {
    deny all;
  }

  # Disallow logs
  location ~ ^/logs/.*\.(log|txt)$ {
    deny all;
  }

  # Parse PHP
  location ~ \.php$ {
    include                 fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    fastcgi_param           SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    fastcgi_param           HTTPS           off;
    fastcgi_pass            php;
  }
}

所以诀窍是我仍然在文件系统目录上运行,而不是花哨的全方位重写和重定向。 news/仍然是文件系统中的物理目录,可以使用来自nginx的location /指令进行读取。以前在尝试不带斜线访问时暴露 blog.domain.com 域的问题似乎是本机nginx的行为 - 它看到了一个目录,它在末尾添加了一个斜杠;由于它的server_name设置为 blog.domain.com ,我们开始吧。硬编码生产URL并将该规则放在首位几乎解决了这个问题。

@redir位置再次启用了Wordpress'很好地永久保存。

我已添加到整个设置以防止人们直接在http:// blog.domain.com /上直接存储的另一个index.php文件直接存储在{{1 }}:

/home/webserver-blog/

...而且,正如之前提到的,在Wordpress&#39;之上几行。原<?php /* * domain.com redirector */ $production = 'http://domain.com/news/'; // Redirect nicely if(isset($_SERVER['REQUEST_URI']) and $_SERVER['REQUEST_URI'] !== '/') { $target = sprintf('%s%s', $production, preg_replace('/^\//', null, $_SERVER['REQUEST_URI'])); header('Location: ' . $target); } else header('Location: ' . $production); 

index.php

丑陋......但是很有效。 我仍然乐于听到更好的解决方案。 :)

相关问题
最新问题