nginx 301重定向到错误的vhost

时间:2015-11-25 14:20:41

标签: redirect ssl nginx proxy vhosts

我有多个站点指向我们的主站点的301重定向问题,尽管预期受影响的站点位于他们自己的服务器块中。如果我禁用主站点,其他人按预期工作,所以主配置中的某些东西似乎胜过其他站点。任何帮助将不胜感激。

/etc/nginx/nginx.conf:

user nginx;
worker_processes  8;
worker_rlimit_nofile 100000;

error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;

events {
  worker_connections  4096;
  multi_accept on;
  use epoll;
}

http {
  include       /etc/nginx/mime.types;
  default_type  application/octet-stream;
  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
  #access_log /var/log/nginx/access.log;
  access_log off;
  gzip on;
  gzip_disable "msie6";
  gzip_vary on;
  gzip_proxied any;
  gzip_comp_level 6;
  gzip_min_length 1100;
  gzip_buffers 16 8k;
  gzip_http_version 1.1;
  gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
  open_file_cache max=2000 inactive=20s;
  open_file_cache_valid 60s;
  open_file_cache_min_uses 5;
  open_file_cache_errors off;
  client_max_body_size 50M;
  client_body_buffer_size 1m;
  client_body_timeout 15;
  client_header_timeout 15;
  keepalive_timeout 2 2;
  send_timeout 15;
  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;
  fastcgi_buffers 256 16k;
  fastcgi_buffer_size 128k;
  fastcgi_connect_timeout 3s;
  fastcgi_send_timeout 120s;
  fastcgi_read_timeout 120s;
  fastcgi_busy_buffers_size 256k;
  fastcgi_max_temp_file_size 0;
  reset_timedout_connection on;
  server_names_hash_bucket_size 100;
  fastcgi_cache_path /var/cache/nginx levels=1:2 keys_zone=microcache:10m max_size=1000m inactive=60m;
  ssl_session_cache   shared:SSL:10m;
  ssl_session_timeout 10m;
  include /etc/nginx/conf.d/*.conf;
}

这是vhost conf似乎胜过其他vhosts。 /etc/nginx/conf.d/site1.conf:

server {
        listen 10.10.10.1:80;
        listen 10.10.10.1:443 ssl;
        server_name  ^site1\.org$  ^www\.site1\.org$ ^old\.site1domain\.org$;
        ssl_certificate ...;
        ssl_certificate_key ...;
        ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers         HIGH:!aNULL:!MD5;
        keepalive_timeout 70;
        root  /var/www/vhosts/site1.org/httpdocs;
        index index.php;
        client_max_body_size 128M;
        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_index index.php;
                fastcgi_pass unix:/var/run/php-fpm/site1.sock;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param PATH_INFO $fastcgi_path_info;
                include /etc/nginx/fastcgi_params;
                include /etc/nginx/fastcgi.conf;
                open_file_cache          max=4000 inactive=20s;
                open_file_cache_valid    30s;
                open_file_cache_min_uses 2;
                open_file_cache_errors   on;
        }
        add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
        if ($scheme != "https") {
                rewrite ^ https://site1.org$uri permanent;
        }
        if ($host != "site1.org") {
                rewrite ^ https://site1.org$uri permanent;
        }
        #wp-super-cache
        ....
        location ~* .(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|tar|mid|midi|wav|bmp)$ {
                expires max;
        }

}

呼。好的,这是一个不同的vhost配置示例,它似乎没有回复请求(相反,我得到301到上面的vhost,无论是否注释掉重定向)。

/etc/nginx/conf.d/site2.conf:

server  {
    listen  10.10.10.1:80;
    server_name  ^sub1\.site2\.org$;
    allow  all;
    proxy_redirect  / http://10.10.10.1:6969;
    location  / {
            proxy_pass  http://10.10.10.1:6969;
    }
}

但是,出于某种原因,此SSL代理按预期工作(在不同的IP上): /etc/nginx/conf.d/site3.conf:

server  {
        listen  10.10.10.2:443 ssl;
        server_name  ^sub3\.site1\.org$;
        ssl_certificate     ...;
        ssl_certificate_key ...;
        ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers         HIGH:!aNULL:!MD5;
        allow  all;
        proxy_redirect  / http://sub3.site1.org:80/;
        location  / {
            proxy_pass  http://sub3.site1.org:80/;
        }
        proxy_set_header Host $http_host;
}

以下是我尝试连接http://sub1.site2.org时的内容:

[c09 79] /etc/nginx/conf.d#wget {sub1.site2.url} --2015-11-25 09:09:28-- {sub1.site2.url} 解决sub1.site2.org ... 10.10.10.1 连接到sub1.site2.org | 10.10.10.1 |:80 ...已连接。 发送HTTP请求,等待响应... 301永久移动 地点:{site1.url} [关注]

依旧...... 提前谢谢。

1 个答案:

答案 0 :(得分:0)

您的$str="randomstring number randomstring number randomstring number"; $exp=explode(" ",$str); for($i=0;$i<count($exp);$i++) { if(trim($exp[$i])=="") continue; $result[]=array(0=>$exp[$i],1=>$exp[$i+1]); $i++; } var_dump($result); 指令都无效,因此它们都不匹配。因此server_name使用第一个nginx容器作为默认容器,并通过该容器处理所有请求。

然后点击你的server条件重写。

如果您必须在rewrite ^ https://site1.org$uri permanent;中使用正则表达式(尽管效率较低,除非您真的需要它),您必须在名称前添加server_name。否则,只需使用普通名称。

~

有关详细信息,请参阅this document

相关问题
最新问题