当我使用nginx时,我遇到了WordPress永久链接的问题。 我试图在我的nginx配置文件中添加以下行,但仍然无法让这些永久链接工作:
location / {
try_files $uri $uri/ /en/index.php?$args;
}
当我在WordPress控制面板中启用永久链接时,我收到404错误。
这是我的nginx conf文件,如果这可以帮助调查问题,因为我几乎尝试了网络上的所有内容。我想我的配置中有些东西搞砸了:
server {
server_name blog.domain.com www.blog.domain.com;
listen 161.122.20.14;
return 301 https://$server_name$request_uri;
ssl_certificate /home/domain/domains/blog.domain.com/ssl.cert;
ssl_certificate_key /home/domain/domains/blog.domain.com/ssl.key;
}
server {
server_name blog.domain.com www.blog.domain.com;
listen 161.122.20.14:443 ssl http2;
root /home/domain/domains/blog.domain.com/public_html;
index index.html index.htm index.php;
access_log /var/log/virtualmin/blog.domain.com_access_log;
error_log /var/log/virtualmin/blog.domain.com_error_log;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME /home/domain/domains/blog.domain.com/public_html$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT /home/domain/domains/blog.domain.com/public_html;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS $https;
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/php-nginx/14765596504348.sock/socket;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* .(js|css|png|jpg|jpeg|gif|ico)$ {
access_log off;
log_not_found off;
expires 365d;
}
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ {
return 444;
}
location ~* \.(pl|cgi|py|sh|lua)\$ {
return 444;
}
location ~ /(\.|wp-config\.php|readme\.html|license\.txt) { deny all; }
ssl_certificate /home/domain/domains/blog.domain.com/ssl.cert;
ssl_certificate_key /home/domain/domains/blog.domain.com/ssl.key;
ssl_trusted_certificate /home/domain/domains/blog.domain.com/ssl.ca;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
add_header Accept-Ranges bytes;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Strict-Transport-Security "max-age=15768000" always;
add_header Public-Key-Pins 'pin-sha256="Niasdcu1LQAzCK234v6aJLcwJFCcWATc4asdIBhio7XpIQ="; pin-sha256="75h33riR+PAtOJcVKNfn2y1/N1ARLqJ213YDX5bnAi1Q="; max-age=2592000;';
}
答案 0 :(得分:2)
让我们来看一下您的重定向服务器块...由于 WordPress 不允许或喜欢您同时使用www和root域名进行网站网址的事实,您必须选择一个。假设您不想使用www并希望使用域本身,您的第一个重定向服务器块将如下所示:
server {
listen 161.122.20.14;
server_name blog.domain.com www.blog.domain.com;
return 301 https://blog.domain.com$request_uri;
}
这将有效地监听给定的ip,端口80为blog.domain.com和www.blog.domain.com重定向到https://blog.domain.com
为什么我说第一次?因为您可能希望有另一个重定向服务器块来捕获www域中的所有https。在这种情况下,您需要确保您的服务器块具有有效的ssl配置集。如果没有更多调查并且只接受配置,您的ssl重定向将如下所示:
server {
listen 161.122.20.14:443 ssl http2;
server_name www.blog.domain.com;
ssl_certificate /home/domain/domains/blog.domain.com/ssl.cert;
ssl_certificate_key /home/domain/domains/blog.domain.com/ssl.key;
ssl_trusted_certificate /home/domain/domains/blog.domain.com/ssl.ca;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
return 301 https://blog.domain.com$request_uri;
}
现在我们确定所有对blog.domain.com或www.blog.domain.com的请求都要在重定向方面得到处理,在端口80和443上,我们的主服务器块看起来像这样:
server {
listen 161.122.20.14:443 ssl http2 deferred;
server_name blog.domain.com;
root /home/domain/domains/blog.domain.com/public_html;
index index.html index.htm index.php;
access_log /var/log/virtualmin/blog.domain.com_access_log;
error_log /var/log/virtualmin/blog.domain.com_error_log;
ssl_certificate /home/domain/domains/blog.domain.com/ssl.cert;
ssl_certificate_key /home/domain/domains/blog.domain.com/ssl.key;
ssl_trusted_certificate /home/domain/domains/blog.domain.com/ssl.ca;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
add_header Accept-Ranges bytes;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Strict-Transport-Security "max-age=15768000" always;
add_header Public-Key-Pins 'pin-sha256="Niasdcu1LQAzCK234v6aJLcwJFCcWATc4asdIBhio7XpIQ="; pin-sha256="75h33riR+PAtOJcVKNfn2y1/N1ARLqJ213YDX5bnAi1Q="; max-age=2592000;';
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* .(js|css|png|jpg|jpeg|gif|ico)$ {
access_log off;
log_not_found off;
expires 365d;
}
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ {
return 444;
}
location ~* \.(pl|cgi|py|sh|lua)\$ {
return 444;
}
location ~ /(\.|wp-config\.php|readme\.html|license\.txt) { deny all; }
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/var/php-nginx/14765596504348.sock/socket;
}
}
这里的关键是你的try_files并添加一个包含默认动作的/ location块。您还应该保存该php位置块并将其用于将来的配置...另一个只是,如何说,不安全。实际上,这实际上是允许您使用 WordPress 的永久链接。
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/var/php-nginx/14765596504348.sock/socket;
}
我也想知道你在哪里有想法将所有fastcgi参数放在你的配置中..你在哪里得到这样的信息?
请注意,我已经从您发布的内容中复制/粘贴,而不检查是否所有内容都有效。