我有一个拥有主域名和子域名的网站。我用nginx。在主域上,我有https,在子域上没有。但是,https://sub.domain.com正在提供domain.com的内容,并带有浏览器警告
到目前为止,我尝试在Nginx中调整我的conf效果并不顺利。
这是sub.domain.com的nginx conf文件:
server {
listen 80;
server_name sub.domain.com;
root /var/www/sub/;
index index.php;
access_log /var/log/nginx/sub_http_access.log combined;
error_log /var/log/nginx/sub_http_error.log;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass php-handler-http;
fastcgi_read_timeout 60s;
}
location ~* \.(htaccess|htpasswd) {
deny all;
}
# set long EXPIRES header on static assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
access_log off;
}
}
这是domain.com的nginx conf:
upstream php-handler-http {
server 127.0.0.1:9000;
#server unix:/var/run/php5-fpm.sock;
}
server {
server_name domain.com;
root /var/www/html/;
index index.php;
# set max upload size
client_max_body_size 2G;
fastcgi_buffers 64 4K;
access_log /var/log/nginx/wordpress_http_access.log combined;
error_log /var/log/nginx/wordpress_http_error.log;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?$args ;
}
location ~* \.(htaccess|htpasswd) {
deny all;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass php-handler-http;
fastcgi_read_timeout 60s;
}
# set long EXPIRES header on static assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
access_log off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = sub.domain.com) {
return 301 http://$host$request_uri;
}
if ($host = domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 443 ssl;
server_name 8.8.8.8;
return 301 $scheme://domain.com$request_uri;
}
我希望https://sub.domain.com不能提供主要的网站内容,并且不能重定向到http://sub.domain.com的301