Apache-2.2

在 cloudflare 後面使用後網站陷入重定向循環

  • January 24, 2017

我的網站https://stage.issufy.com/,設置 ssl 後,我得到 302 重定向循環。這是htaccess文件


<IfModule mod_rewrite.c>
   <IfModule mod_negotiation.c>
       Options -MultiViews
   </IfModule>

   RewriteEngine On

  # Redirect Trailing Slashes If Not A Folder...
   RewriteCond %{REQUEST_FILENAME} !-d
   RewriteRule ^(.*)/$ /$1 [L,R=301]

   # Handle Front Controller...
   RewriteCond %{REQUEST_FILENAME} !-d
   RewriteCond %{REQUEST_FILENAME} !-f
   RewriteRule ^ index.php [L]

   # Handle Authorization Header
   RewriteCond %{HTTP:Authorization} .
   RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>

這是 http 的 Apache 配置:

<VirtualHost *:80>
  ServerName stage.issufy.com
   Redirect / https://stage.issufy.com
  DocumentRoot /var/www/html/stage.issufy.com

  <Directory "/var/www/html/stage.issufy.com">
       Options FollowSymLinks
       AllowOverride All
       Order allow,deny
       Allow from all
  </Directory>

  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =stage.issufy.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>

這是ssl配置:

<IfModule mod_ssl.c>
<VirtualHost *:443>
  ServerName stage.issufy.com
  DocumentRoot /var/www/html/stage.issufy.com
  <Directory "/var/www/html/stage.issufy.com">
       Options FollowSymLinks
       AllowOverride All
       Order allow,deny
       Allow from all
  </Directory>
  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/stage.issufy.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/stage.issufy.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

網站在沒有 cloudfare 的情況下執行良好,但一旦啟用 cloudflare,就會出現 302 重定向錯誤。

這是錯誤日誌

172.68.51.31 - - [17/Jan/2017:18:24:18 +0000] "GET / HTTP/1.1" 302 539 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"
172.68.51.31 - - [17/Jan/2017:18:24:18 +0000] "GET / HTTP/1.1" 302 538 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"
172.68.51.31 - - [17/Jan/2017:18:24:18 +0000] "GET / HTTP/1.1" 302 538 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"
172.68.51.31 - - [17/Jan/2017:18:24:19 +0000] "GET / HTTP/1.1" 302 538 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"
172.68.51.31 - - [17/Jan/2017:18:24:19 +0000] "GET / HTTP/1.1" 302 539 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"
172.68.51.31 - - [17/Jan/2017:18:24:19 +0000] "GET / HTTP/1.1" 302 538 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"
172.68.51.31 - - [17/Jan/2017:18:24:20 +0000] "GET / HTTP/1.1" 302 539 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"
172.68.51.31 - - [17/Jan/2017:18:24:20 +0000] "GET / HTTP/1.1" 302 539 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Dragon/52.15.25.665 Chrome/52.0.2743.82 Safari/537.36"

如果您使用 Cloudflare 的靈活 SSL 產品 - 您的源 Web 伺服器將看到在埠 80 下未加密的流量。

為了解決這個問題,您有幾個選擇:

引用自:https://serverfault.com/questions/826830