bri*_*der 27 ssl passenger nginx ruby-on-rails-3
所以我查看了我能找到的每个示例配置,但每当我尝试查看需要ssl的页面时,我最终都会进行重定向循环.我正在运行nginx/0.8.53和乘客3.0.2.
这是ssl配置
server {
listen 443 default ssl;
server_name <redacted>.com www.<redacted>.com;
root /home/app/<redacted>/public;
passenger_enabled on;
rails_env production;
ssl_certificate /home/app/ssl/<redacted>.com.pem;
ssl_certificate_key /home/app/ssl/<redacted>.key;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X_FORWARDED_PROTO https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Url-Scheme $scheme;
proxy_redirect off;
proxy_max_temp_file_size 0;
location /blog {
rewrite ^/blog(/.*)?$ http://blog.<redacted>.com/$1 permanent;
}
location ~* \.(js|css|jpg|jpeg|gif|png)$ {
if (-f $request_filename) {
expires max;
break;
}
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
Run Code Online (Sandbox Code Playgroud)
这是非ssl配置
server {
listen 80;
server_name <redacted>.com www.<redacted>.com;
root /home/app/<redacted>/public;
passenger_enabled on;
rails_env production;
location /blog {
rewrite ^/blog(/.*)?$ http://blog.<redacted>.com/$1 permanent;
}
location ~* \.(js|css|jpg|jpeg|gif|png)$ {
if (-f $request_filename) {
expires max;
break;
}
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
Run Code Online (Sandbox Code Playgroud)
如果我有任何其他信息可以帮助我诊断问题,请告诉我.
pja*_*mer 31
这是你的路线:
listen 443 default ssl;
Run Code Online (Sandbox Code Playgroud)
将其更改为:
listen 443;
ssl on;
Run Code Online (Sandbox Code Playgroud)
我称之为旧式.还有,那个
proxy_set_header X_FORWARDED_PROTO https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Url-Scheme $scheme;
proxy_redirect off;
proxy_max_temp_file_size 0;
Run Code Online (Sandbox Code Playgroud)
为我做了诀窍.我现在看到我错过了你所拥有的真实IP线路,但到目前为止,这摆脱了ssl_requirement和ssl_enforcer的无限循环问题.
我玩弄了一堆这些答案,但没有任何效果对我有用。然后我意识到,由于我使用 Cloudflare,问题可能不在服务器上,而在于 Cloudflare。瞧,当我将 SSL 设置为Full (Strict)一切正常时!
我发现就是这条线
proxy_set_header Host $http_host;
Run Code Online (Sandbox Code Playgroud)
哪个应改为
proxy_set_header Host $host;
Run Code Online (Sandbox Code Playgroud)
根据nginx文档,使用'$ http_host传递"未更改的请求标头".
| 归档时间: |
|
| 查看次数: |
44462 次 |
| 最近记录: |