尝试将nginx中的一个页面重定向到http,将所有其他页面重定向到https

时间:2018-02-02 09:01:18

标签: ssl nginx cakephp websocket ratchet

我在Ubuntu 16和nginx中使用CakePHP 2.9,我有一个安装了ssl证书的vps,我想使用带有php棘轮的javascript websockets。问题是它们无法开箱即用。例如,在不改变firefox中的某个设置about:config的情况下,我不能在浏览器中使用ws websockets(如果我希望其他人能够使用它,那就不好了)。但我也无法让PHP Ratchet接受wss websockets。所以,我正在尝试将websockets将要运行的页面重定向到http,所以我可以使用常规的ws并连接到PHP棘轮。

问题是,我似乎无法让我的nginx配置文件顺利完成。我将它重定向到我想要使用websockets的页面上,但它似乎给出了404错误。这可能是我的网站DNS的问题,但这里是我正在使用的nginx配置:

server {
    listen 80;
    listen [::]:80;

    server_name server.com;

    location /websocket_path {
    }

    location / {
        return 301 https://$server_name/web/$request_uri/;
    }
}

server {
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server ipv6only=on;

    root /usr/share/nginx/html;
    index index.html index.htm index.php;

    ssl on;
    ssl_certificate /ssl_path/cert_chain.crt;
    ssl_certificate_key /ssl_path/server.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_stapling on;
    ssl_stapling_verify on;

    location /web {
        alias /usr/share/nginx/html/web/app/webroot;
        try_files $uri $uri/ /web/app/webroot/index.php;
    }

    server_name server.com;

    location = / {
        return 301 https://$server_name/web/$request_uri/;
    }

    location /websocket_path {
        return 301 http://$server_name/websocket_path;
    }


    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ =404;
        # Uncomment to enable naxsi on this location
        # include /etc/nginx/naxsi.rules
    }

    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
        fastcgi_index index.php;
        include fastcgi.conf;
        #include fastcgi_params;
        #fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }

    location ~ /.well-known {
        allow all;
    }

    location ~ /.sandbox {
    }

    location ~* \.(?:manifest:appcache|htm?|xml|json)$ {
        expires -1;
    }
}

对此事的任何帮助将不胜感激。谢谢。

0 个答案:

没有答案
相关问题
最新问题