nginx
的新手,需要一些指导。我正在支持一个新站点,该站点在开发过程中业务命名了一个东西,然后购买了另一个主机名。并且CSS的申请被拒绝。这是一个现场制作站点,因此可以在https://mh.lhfs.com上访问。测试服务器(不同的计算机)和本地开发服务器运行正常,因此我假设它与服务器有关。任何帮助,将不胜感激。
这是配置文件。以前的开发人员喜欢复制和粘贴。我清理了Content-Security-Policy部分,但未能解决问题。
server {
listen 80;
# listen [::]:80 default_server ipv6only=on;
root /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com;
index index.php index.html index.htm;
listen 443 ssl;
listen [::]:443 ssl;
server_name mh.lhfs.com;
#server_name localhost;
location / {
try_files $uri $uri/ /index.php?$args;
}
#return 301 https://$server_name$request_uri;
server_tokens off;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' 'unsafe-inline' data:; frame-src img-src 'self' font-src 'self' default-src 'self' object-src 'none' https://*.typekit.net https://mh.lhfs.com https://lhfs.com https://mortgage.lhfs.com https://cdn.lhfs.com https://lhfs.com https://lhfscdn.com https://seal-goldengate.bbb.org http://seal-goldengate.bbb.org https://*.mylivechat.com https://mylivechat.com https://code.jquery.com https://maxcdn.bootstrapcdn.com http://ajax.googleapis.com http://www.google-analytics.com http://www.google.com http://ajax.googleapis.com https://maps.googleapis.com https://ssl.google-analytics.com https://maps.googleapis.com https://fonts.googleapis.com https://themes.googleusercontent.com https://tautt.zendesk.com https://assets.zendesk.com https://connect.facebook.net https://s-static.ak.facebook.com https://www.facebook.com https://s-static.ak.facebook.com http://0.gravatar.com https://www.gstatic.com http://1.gravatat.com https://fonts.gstatic.com https://maps.gstatic.com https://csi.gstatic.com";
add_header Access-Control-Allow-Origin "*";
#try_files $uri $uri/ =404;
#try_files $uri $uri/ /index.php?$args;
access_log /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/access.log;
error_log /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/error.log;
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
root /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_read_timeout 300;
}
ssl_certificate /var/www/vhosts/system/sslcerts/cert-lhfscom/lhfs.com.chained.crt;
ssl_certificate_key /var/www/vhosts/system/sslcerts/cert-lhfscom/lhfscom_frommt.key;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /var/www/vhosts/system/sslcerts/cert-lhfscom/lhfs.com.chained.crt;
try_files $uri $uri/ /index.php?$args;
access_log /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/access.log;
error_log /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/error.log;
location ~ \.php$ {
root /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_read_timeout 300;
}
}
更新1:
我尝试了其他文章中看到的一些不同的东西,但没有帮助
我可能会添加,这不是此服务器上唯一出现这些错误的站点。他们都在一定程度上做到了。一个区别是此站点在站点路径上具有css。其他站点在显示CSS时没有问题。开发人员决定参考另一个服务器WordPress网站上的CSS样式表。 (不要问!每个人,如果一个人下线了,希望他们的所有站点都中断吗?不是他不在的原因之一。)
更新2: 我决定注释掉CSP部分,然后重试。该站点已成功加载。我将继续进行一段时间的调查。它似乎配置正确,但显然不是。如果您对导致此部分问题的原因有任何想法,请发表。