Apache-2.2
Nginx 不通過 HTTPS 提供靜態文件
我正在嘗試在 Apache 前面設置 Nginx 作為反向代理並提供靜態文件。我 301 http 到 https,並在 https 部分提供指令以通過別名提供靜態文件夾。但是,由於某些奇怪的原因,這些文件是通過 http 提供的。
這是我的 Nginx 站點配置:
server { listen 80; listen [::]:80; access_log off; server_name site.com www.site.com; return 301 https://$server_name$request_uri; } server { listen 443; ssl on; ssl_certificate /usr/local/sslcert/my.crt; ssl_certificate_key /usr/local/sslcert/my.key; access_log off; server_name site.com www.site.com; location /public/ { alias /var/www/public/; expires max; add_header Pragma public; add_header Cache-Control "public"; } location / { root /var/www/; index index.php client_max_body_size 10m; client_body_buffer_size 128k; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 128k; proxy_buffers 4 256k; proxy_busy_buffers_size 256k; proxy_temp_file_write_size 256k; proxy_connect_timeout 30s; proxy_redirect off; proxy_pass http://127.0.0.1:3333/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /push { root /var/www/; rewrite /push(.*) /$1 break; proxy_pass https://127.0.0.1:8332/push/; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location ~ /\.ht { deny all; } }
我錯過了什麼?
所以問題實際上與 Zend Framework BaseUrl 設置有關。我已將其刪除,現在一切正常。
這可能不是問題的實際原因,但無論如何都會造成困難。
您正在使用
root
內部位置塊,一般情況下效果不佳。試試這個配置:
server { listen 80; listen [::]:80; access_log off; server_name site.com www.site.com; return 301 https://$server_name$request_uri; } server { listen 443 ssl; listen [::]:443 ssl; ssl_certificate /usr/local/sslcert/my.crt; ssl_certificate_key /usr/local/sslcert/my.key; access_log off; server_name site.com www.site.com; root /var/www; location /public/ { expires max; add_header Pragma public; add_header Cache-Control "public"; } location / { index index.php client_max_body_size 10m; client_body_buffer_size 128k; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 128k; proxy_buffers 4 256k; proxy_busy_buffers_size 256k; proxy_temp_file_write_size 256k; proxy_connect_timeout 30s; proxy_redirect off; proxy_pass http://127.0.0.1:3333/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /push { rewrite ^/push(.*) /$1 break; proxy_pass https://127.0.0.1:8332/push/; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location ~ /\.ht { deny all; } }
變化:
- 將 ssl 定義移至監聽行
- 將 IPv6 添加到 SSL 部分
root
將指令移至伺服器級別- 從位置塊中刪除了不需要的
alias
和root
定義,伺服器級root
指令涵蓋了這些^
在推送rewrite
規則中添加了行首。