我目前已在ec2实例上部署了WordPress网站。我已经部署了CloudFront,并且在CloudFront发生了SSL终止。我收到了内容混合错误。我对CloudFront的了解不多,无法解决错误。 首先,在没有CloudFront的情况下,我创建了一条带有somedomain.com的指向我的ec2实例的记录。在原始设置中使用CloudFront之后,我将somedomain.com用作原始域名。
尝试过的解决方案:
我尝试在CloudFront的“行为”部分中的Whitlist标头,以便后端Wordpress站点可以理解该请求为https,为此,我已更改了nginx conf文件,但禁止使用403。如果我在此解决方案中做错了事,请纠正我。
[NGINX conf文件]
server {
listen 80;
root /var/www/html;
server_name somedomain.com;
###Start code section added for withelist headers
#if ($http_x_forwarded_proto != 'https') {
# rewrite ^ https://$host$request_uri? permanent;
#}
###End code section added for withelist headers
location / {
index index.php index.html;
try_files $uri $uri/ /index.php?$args;
}
# Specify a charset
charset utf-8;
# GZIP
gzip off;
# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
# Prevents hidden files (beginning with a period) from being served
location ~ /\. {
access_log off;
log_not_found off;
deny all;
}
###########
# SEND EXPIRES HEADERS AND TURN OFF 404 LOGGING
###########
location ~* ^.+.(xml|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off;
log_not_found off;
expires max;
}
# Pass all .php files onto a php-fpm or php-cgi server
location ~ \.php$ {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_read_timeout 3600s;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 128k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
###Start code section added for withelist headers
#if ($http_cloudfront_forwarded_proto = 'https') {
# set $fe_https 'on';
#}
#fastcgi_param HTTPS $fe_https;
###End code section added for withelist headers
}
# ROBOTS
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# RESTRICTIONS
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
}