我有两个Nginx服务器块。一个用于根域,我们称之为myproject.us
,另一个用于子域subdomain.myproject.us
。出于某种原因,当我通过Web浏览器访问子域时,子域总是重定向回根域。像cURL这样的工具不会被重定向。
根服务器阻止文件
upstream backend {
least_conn;
server 10.132.42.217:3000;
server 10.132.39.94:3000;
server 10.132.66.78:3000;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name myproject.us;
return 301 https://$server_name$request_uri;
}
server {
listen 443;
server_name myproject.us;
ssl on;
ssl_certificate /etc/ssl/myproject/2017/ssl-bundle.crt;
ssl_certificate_key /etc/ssl/myproject/2017/server.key;
ssl_session_timeout 30m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS:!DH;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:30m;
client_max_body_size 500M;
location /static/ {
autoindex on;
root /var/www/myproject/myproject/public/;
}
location / {
proxy_pass http://backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
add_header X-Nginx-Server 'nginx1';
add_header X-Upstream $upstream_addr;
}
}
子域服务器阻止文件
server {
listen 80;
listen [::]:80;
server_name subdomain.myproject.us
client_max_body_size 500M;
location / {
proxy_pass http://backend;
add_header X-Nginx-Server 'nginx1';
add_header X-Upstream $upstream_addr;
}
}
你会看到我正在使用Nginx代理一些后端服务器。子域文件使用根文件中的后端。期望的行为是:
要避开这个显而易见的问题,是的,我知道subdomain.myproject.us将提供与安全域相同的内容,只是没有HTTPS的好处。