在一天的大部分时间里,我一直在尝试通过nginx将http重定向至https重定向,这一直很艰难。我已经检查了几个stackoverflow问题,以及Internet上的许多文章。我终于让http重定向到https重定向,但仅用于直接IP地址,而不是我尝试使用的域。
换句话说,http://12.345.67.890重定向到https://app.example.com,但是http://app.example.com不重定向到https://app.example.com。
这是预期的吗?我在这里不明白什么?
我的网站的配置文件
upstream appupstream {
server 0.0.0.0:3555;
}
server {
error_log /var/log/nginx/error.log warn;
listen [::]:80;
listen 80;
server_name app.example.com 12.345.67.890;
return 301 https://$server_name$request_uri;
access_log /var/log/nginx/access.log;
root /home/ec2-user/app/public;
proxy_set_header X-Forwarded-Proto $scheme;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass https://appupstream;
}
}
当我卷曲这些站点时,标题似乎支持我在浏览器中看到的内容:
IP卷曲结果
$ curl -I -L http://12.345.67.890
HTTP/1.1 301 Moved Permanently // <-- Note the permanent redirect on the ip
Server: nginx/1.12.1
Date: Sat, 03 Nov 2018 19:30:10 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://app.example.com/
HTTP/2 200
date: Sat, 03 Nov 2018 19:30:10 GMT
content-type: text/html; charset=utf-8
content-length: 4856
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
strict-transport-security: max-age=15778476; includeSubDomains
p3p: ABCDEF
域卷曲结果
$ curl -I -L http://app.example.com
HTTP/1.1 200 OK // <-- No permanent redirect on domain
Date: Sat, 03 Nov 2018 19:30:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 4856
Connection: keep-alive
X-FRAME-OPTIONS: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
Strict-Transport-Security: max-age=15778476; includeSubDomains
P3P: ABCDEF
我已经成功运行nginx -t,并且每次更新文件时都使用nginx reload和nginx restart。我已经清除了所有浏览数据(Cookie等)并重新访问,但是这种现象仍然存在。任何建议/指导将不胜感激!