使用配置SSL的Cloudfare,nginx,nodejs问题(525/521错误)

时间:2019-03-04 12:46:56

标签: node.js ssl nginx cloudflare

我遇到了Cloudflare和SSL的问题。当我设置如下所示的重定向(nginx.conf)时,我总是收到错误525或521。

我找到了将SSL设置为严格模式的解决方案,并做到了。仍然没有任何改善,我陷入了问题。

任何帮助将不胜感激。

服务器的体系结构:

  1. nodejs
  2. Nginx(wordpress-blog.example.pl)+托管到nodejs(example.pl)

nginx.conf: 

#add_header X-Frame-Options SAMEORIGIN;
#add_header X-Content-Type-Options nosniff;
#add_header X-XSS-Protection "1; mode=block";

user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
        worker_connections 768;
        # multi_accept on;
}


http {
        client_max_body_size 100M;
        ##
        # Basic Settings
        ##
        server_tokens off;
        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        # server_tokens off;

        # server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # SSL Settings
        ##

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;

        ##
        # Logging Settings
        ##

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        gzip on;
        gzip_disable "msie6";
        gzip_vary on;
        gzip_proxied any;
        gzip_comp_level 6;
        gzip_buffers 16 8k;
        gzip_http_version 1.1;
        gzip_types text/plain application/javascript application/x-javascript text/javascript text/xml text/css;


################
#--- example ---#
################

upstream example.pl {
    server 127.0.0.1:3000;
    keepalive 8;
}

server {
    listen 0.0.0.0:80;
    server_name blog.example.pl;
    access_log /var/www/html/access.log;
    error_log /var/www/html/error.log;
    root   /home/ubuntu/apps/example-blog/;
    index index.php;

    location ~ \.php$ {
        try_files $uri =404;
        include /etc/nginx/fastcgi.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }
}

server {
    listen 80;
    server_name example.pl;

    access_log /var/www/html/access-example.log;
    error_log /var/www/html/error-example.log;

    if ($http_x_forwarded_proto = "http") {
        return 301 https://$server_name$request_uri;
    }

location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;

        proxy_pass http://example.pl/;
        proxy_redirect off;

        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }

    location ~ ^/(avatars/|certificates/) {
        root /home/ubuntu/apps/example/public/;
        expires 30d;
        access_log off;
        #add_header Pragma public;
        add_header Cache-Control "public";
    }

    location ~*  \.(svg|jpg|jpeg|png|gif|ico|css|js)$ {
        #location ~* ^.+\.(css|js)$ {
        root /home/ubuntu/apps/example/dist/;
        expires 30d;
        access_log off;
        #add_header Pragma public;
        add_header Cache-Control "public";
        #fastcgi_pass example.pl:3000;
    }
}

server {
    listen       81;
    server_name  localhost;
    access_log /var/www/html/access.log;
    error_log /var/www/html/error.log;

    root   /home/ubuntu/apps/example-blog/; 
    #/var/www/html/;
    #root /var/www/html/;
    index index.php;
    location ~ \.php$ {
            try_files $uri =404;
            include /etc/nginx/fastcgi.conf;
            fastcgi_pass unix:/run/php/php7.0-fpm.sock;
            #fastcgi_pass 127.0.0.1:9000;
            #fastcgi_index index.php;
            #fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            #include fastcgi_params;
        }

    location /phpmyadmin {
       root /usr/share/;
       index index.php index.html index.htm;
       location ~ ^/phpmyadmin/(.+\.php)$ {
               try_files $uri =404;
               root /usr/share/;
               fastcgi_pass unix:/run/php/php7.0-fpm.sock;
                include /etc/nginx/fastcgi.conf;
                #fastcgi_index index.php;
               #fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
               #include fastcgi_params;
       }
       location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
               root /usr/share/;
       }
   }

   location /phpMyAdmin {
       rewrite ^/* /phpmyadmin last;
   }

}
}

0 个答案:

没有答案
相关问题
最新问题