由certbot生成的配置文件上的ngnix www到no-www

时间:2018-10-16 09:55:45

标签: nginx lets-encrypt certbot

我正在尝试向example.com以及www.example.com发送请求,以转到下面显示的配置文件中的https://example.com。该文件与certbot生成的完全相同。

将两个return 301语句更改为

return 301 https://example.com$request_uri;

没有工作,因为https://www.example.com仍然转到https://www.example.com,而不是所需的https://example.com

如果有人能指出获得所需结果所需的确切更改,将不胜感激。简化的指令将是一个好处,因为我对nginx和certbot都是陌生的。谢谢。

server {
    root /var/www/html/drupal;
    index  index.php index.html index.htm;
    server_name example.com www.example.com;

    location / {
        try_files $uri /index.php?$query_string;        
    }

    location @rewrite {
        rewrite ^/(.*)$ /index.php?q=$1;
    }

    location ~ [^/]\.php(/|$) {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ ^/sites/.*/files/styles/ {
        try_files $uri @rewrite;
    }

    location ~ ^(/[a-z\-]+)?/system/files/ {
        try_files $uri /index.php?$query_string;
    }

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}
server {
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;
    return 404; # managed by Certbot
}

2 个答案:

答案 0 :(得分:1)

打开括号以更清楚地了解

代替2个443侦听器,创建2个。与80个侦听器相同。

就像您更容易知道正在做什么,为每对主机和架构配置一个配置。

server {
    listen 80;
    listen [::]:80;
    server_name  www.example.com; #this will only listen to http://www.example.com
    location / {        
       return 301 https://example.com$request_uri; #and will upgrade to https
    }
       #we don't want that many redirects, so this will go directly to example.com
 }

server {
    listen 80;
    listen [::]:80;
    server_name  example.com; #this will only listen to http://example.com
    location / {        
       return 301 https://$host$request_uri; #and will upgrade to https
    }
 }
server {
server_name  www.example.com;

location / {
    return 301 https://example.com$request_uri #this redirects to non-www
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server{
#same server configuration as your first server bracket, only accepting     https://example.com and not www.
}

我看到您正在将到达的连接发送到Drupal,因此认为Drupal具有变量$ base_url,该变量使它可以重定向到该主机,因此,如果将其设置为www.example.com,它将赢得不管您是nginx conf,还是Drupal本身也可以进行重定向。

希望有帮助,对任何问题发表评论。

答案 1 :(得分:0)

现在可以正常工作,@ flaixman。我从您的建议中做出了一个更改-仅对80个对象进行了一次更改,因为它们都做完全相同的事情。所以,这是最终版本:(希望我以后不会弄乱可能会引起问题的东西。)

server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;
    location / {
        return 301 https://example.com$request_uri;
    }
}

server {
    server_name www.example.com;
    location / {
        return 301 https://example.com$request_uri;
    }
    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server{
    root /var/www/html/d8;
    index index.php index.html index.htm;
    server_name example.com;

    location / {
        try_files $uri /index.php?$query_string;        
    }

    location @rewrite {
        rewrite ^/(.*)$ /index.php?q=$1;
    }

    location ~ [^/]\.php(/|$) {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ ^/sites/.*/files/styles/ {
        try_files $uri @rewrite;
    }

    location ~ ^(/[a-z\-]+)?/system/files/ {
        try_files $uri /index.php?$query_string;
    }

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
相关问题
最新问题