nginx拒绝在网站上应用样式

时间:2018-10-13 02:28:48

标签: php nginx nginx-config

nginx的新手,需要一些指导。我正在支持一个新站点,该站点在开发过程中业务命名了一个东西,然后购买了另一个主机名。并且CSS的申请被拒绝。这是一个现场制作站点,因此可以在https://mh.lhfs.com上访问。测试服务器(不同的计算机)和本地开发服务器运行正常,因此我假设它与服务器有关。任何帮助,将不胜感激。

这是配置文件。以前的开发人员喜欢复制和粘贴。我清理了Content-Security-Policy部分,但未能解决问题。

    server {
    listen 80;
   # listen [::]:80 default_server ipv6only=on;

    root /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com;
    index index.php index.html index.htm;

    listen 443 ssl;
    listen [::]:443 ssl;

    server_name mh.lhfs.com;
    #server_name localhost;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

   #return 301 https://$server_name$request_uri;

    server_tokens off;
    add_header X-Frame-Options SAMEORIGIN;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' 'unsafe-inline' data:; frame-src img-src 'self' font-src 'self' default-src 'self' object-src 'none' https://*.typekit.net https://mh.lhfs.com https://lhfs.com https://mortgage.lhfs.com https://cdn.lhfs.com https://lhfs.com https://lhfscdn.com https://seal-goldengate.bbb.org http://seal-goldengate.bbb.org https://*.mylivechat.com https://mylivechat.com https://code.jquery.com https://maxcdn.bootstrapcdn.com http://ajax.googleapis.com http://www.google-analytics.com http://www.google.com http://ajax.googleapis.com https://maps.googleapis.com https://ssl.google-analytics.com https://maps.googleapis.com https://fonts.googleapis.com https://themes.googleusercontent.com https://tautt.zendesk.com https://assets.zendesk.com https://connect.facebook.net https://s-static.ak.facebook.com https://www.facebook.com https://s-static.ak.facebook.com http://0.gravatar.com https://www.gstatic.com http://1.gravatat.com https://fonts.gstatic.com https://maps.gstatic.com https://csi.gstatic.com";

    add_header Access-Control-Allow-Origin "*";

   #try_files $uri $uri/ =404;
   #try_files $uri $uri/ /index.php?$args;

   access_log  /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/access.log;
   error_log /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/error.log;

   error_page 404 /404.html;
   error_page 500 502 503 504 /50x.html;
   location = /50x.html {
        root /usr/share/nginx/html;
   }

    location ~ \.php$ {
       root /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com;         
       try_files $uri =404;
       fastcgi_split_path_info ^(.+\.php)(/.+)$;
       fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
       fastcgi_index index.php;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       include fastcgi_params;
       fastcgi_read_timeout 300;
    }

    ssl_certificate /var/www/vhosts/system/sslcerts/cert-lhfscom/lhfs.com.chained.crt;
    ssl_certificate_key /var/www/vhosts/system/sslcerts/cert-lhfscom/lhfscom_frommt.key;

    ssl_dhparam /etc/nginx/ssl/dhparam.pem;

    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /var/www/vhosts/system/sslcerts/cert-lhfscom/lhfs.com.chained.crt;

    try_files $uri $uri/ /index.php?$args;

    access_log  /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/access.log;
    error_log /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/error.log;

    location ~ \.php$ {
       root /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com;         
       try_files $uri =404;
       fastcgi_split_path_info ^(.+\.php)(/.+)$;
       fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
       fastcgi_index index.php;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       include fastcgi_params;
       fastcgi_read_timeout 300;
    }

}

更新1:

我尝试了其他文章中看到的一些不同的东西,但没有帮助

  • 我从index.php文件中的样式表声明中删除了type ='text / css',但结果却相同。
  • 我检查了mime.types配置文件,并定义了类型。
  • 我检查了nginx.config并验证是否包含了mime.types配置。

我可能会添加,这不是此服务器上唯一出现这些错误的站点。他们都在一定程度上做到了。一个区别是此站点在站点路径上具有css。其他站点在显示CSS时没有问题。开发人员决定参考另一个服务器WordPress网站上的CSS样式表。 (不要问!每个人,如果一个人下线了,希望他们的所有站点都中断吗?不是他不在的原因之一。)

更新2: 我决定注释掉CSP部分,然后重试。该站点已成功加载。我将继续进行一段时间的调查。它似乎配置正确,但显然不是。如果您对导致此部分问题的原因有任何想法,请发表。

0 个答案:

没有答案