我用Bitnami Wordpress创建了一个EC2实例,然后将其克隆到一个新实例中。
此后,我在两个实例中都修改了该NGINX脚本以重定向HTTP => HTTPS请求。
# HTTP server
server {
listen 80;
server_name localhost;
#include "/opt/bitnami/nginx/conf/bitnami/phpfastcgi.conf";
if ($http_x_forwarded_proto = 'http'){
return 301 https://$host$request_uri;
}
include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-prefix.conf";
}
# HTTPS server
server {
listen 443 ssl;
server_name localhost;
ssl_certificate server.crt;
ssl_certificate_key server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
#include "/opt/bitnami/nginx/conf/bitnami/phpfastcgi.conf";
include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-prefix.conf";
}
include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-vhosts.conf";
通过SSH登录并运行curl -i localhost
,其中一个实例运行良好,并返回最终页面源代码。
另一个实例返回此:
bitnami@ip-xxx-xx-xx-xxx:~$ curl -i localhost
HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.0
Date: Mon, 04 Feb 2019 16:05:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.22
Location: https://localhost/
X-Frame-Options: SAMEORIGIN
考虑到它是一个克隆实例,这里可能发生什么问题?
答案 0 :(得分:1)
Bitnami工程师在这里:
X-Forwarded-Proto(XFP)标头是一个标准标头,用于标识客户端用来连接到代理或负载均衡器的协议(HTTP或HTTPS)。
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto
在这种情况下,当您直接连接到NGINX服务器时,不需要使用该“ if”块,您只需将请求重定向到HTTPS
return 301 https://$host$request_uri;
您可以在此处找到有关https重定向的更多信息:
https://docs.bitnami.com/general/apps/wordpress-pro/administration/force-https-nginx/