Ubuntu

無法從 Nginx 中刪除強制 HTTPS 重定向?

  • June 9, 2015

我最初將 Nginx 配置設置為自動將 HTTP 重定向到 HTTPS。由於我的工作安全策略和 Cloudflare 集成,HTTPS 無法在我的網路內解析。

我只是想刪除強制重定向到 HTTPS。但是在使用 URI 重寫註釋掉塊之後,伺服器仍然會自動重定向。

這是我對 Nginx 的預設配置

#HTTPS redirect (if necessary)
#server {
#       listen      80;
#       server_name example.com;
#       rewrite     ^   https://$server_name$request_uri? permanent;
#}

server {
       listen 80;
       listen [::]:80 default_server ipv6only=on;
       listen 443 ssl spdy;
       root /var/www/example/current/public;
       index index.php index.html index.htm;

       spdy_chunk_size 8k;
       spdy_headers_comp 7;

       server_name example.com;
       # Point to ssl certificates
       ssl_certificate /root/example.com.crt;
       ssl_certificate_key /root/example.com.key;
       # Allow only secure TLS protocols
       ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
       #ssl_prefer_server_ciphers on;
       #ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;

       ssl on;

       # Set the buffer size to 1400 bytes (that way it fits into a single MTU$
       ssl_buffer_size 1400;
#       add_header Strict-Transport-Security max-age=63072000;

       gzip on;
       gzip_min_length 1280;
       gzip_buffers    16 8k;
       gzip_comp_level 4;
       gzip_http_version 1.0;
       gzip_types    text/plain text/html text/css application/javascript appl$
       gzip_vary on;

       location / {
               # First attempt to serve request as file, then
               # as directory, then fall back to displaying a 404.
               try_files $uri $uri/ /index.php$is_args$args;
       }

       # pass the PHP scripts to FastCGI server listening on /var/run/php5-fpm$
       location ~ \.php$ {
               try_files $uri /index.php =404;
               fastcgi_pass unix:/var/run/php5-fpm.sock;
               fastcgi_index index.php;
               fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_nam$
               include fastcgi_params;
       }

       location ~* \.(css|js|gif|jpe?g|png|woff2?)$ {
               #gzip on;
               #gzip_vary on;
               expires 168h;
               add_header Pragma public;
               add_header Cache-Control "public, must-revalidate, proxy-revali$
               add_header Vary "Accept-Encoding";
       }


       #include /etc/nginx/global/*;
}

任何幫助將不勝感激!謝謝你。

首先,刪除ssl on;

其次,你有Strict-Transport-Security標題,瀏覽器記住了 2 年(正如註釋掉標題所說的那樣)。將其添加回來max-age=0以刪除效果。

如果您不能這樣做(或希望立即生效),請從瀏覽器中清除 HSTS,如本文所述

引用自:https://serverfault.com/questions/697674