Nginx不重定向

时间:2019-06-21 13:20:51

标签: nginx server nginx-reverse-proxy

我想将我的nginx配置为反向代理,但是在http请求中重定向无效。

我需要将所有请求重定向到HTTPS非www版本。

重定向架构如下:

http://example.comhttps://example.com

http://www.example.comhttps://example.com

https://www.example.comhttps://example.com

似乎正在忽略第一个服务器块。

这是我的nginx配置:

upstream socialfm.io {
    server 0.0.0.0:3000;
}
server {
    server_name socialfm.io www.socialfm.io;
    listen 80 ;
    access_log /var/log/nginx/access.log vhost;
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
    return 301 https://$server_name$request_uri;
}
server {
    server_name socialfm.io;
    listen 443 ssl http2 ;
    access_log /var/log/nginx/access.log vhost;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 5m;
    ssl_session_cache shared:SSL:50m;
    ssl_session_tickets off;
    ssl_certificate /etc/nginx/certs/socialfm.io.crt;
    ssl_certificate_key /etc/nginx/certs/socialfm.io.key;
    ssl_dhparam /etc/nginx/certs/socialfm.io.dhparam.pem;
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
    include /etc/nginx/vhost.d/default;
    location / {
        proxy_pass http://socialfm.io;
    }
}

使用此配置,如果我卷曲到不同的端点,则会得到以下结果:

curl -I https://socialfm.io
HTTP/2 200 
server: nginx/1.17.0
date: Fri, 21 Jun 2019 13:17:44 GMT
content-type: text/html; charset=utf-8
content-length: 11005
etag: W/"2afd-b94jAwGQdqc8V3k0tostLQ3Fsa4"
set-cookie: sessionId=s%3A1Z8WGW5chvT13YFFuZRDkTGk8vZbDnl7.IHQ%2BnDR%2B3Nh2KEmycHq5c8i02z5tLWo9WecKgCHaHXk; Path=/; HttpOnly
strict-transport-security: max-age=31536000; includeSubdomains; preload

curl -I http://socialfm.io
HTTP/1.1 404 Not Found
Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 21 Jun 2019 13:18:00 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive

curl -I http://www.socialfm.io
HTTP/1.1 404 Not Found
Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 21 Jun 2019 13:18:12 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive

curl -I https://www.socialfm.io
curl: (51) SSL: no alternative certificate subject name matches target host name 'www.socialfm.io'

我做错了什么? :S

谢谢!

0 个答案:

没有答案
相关问题
最新问题