以下是当前状态:
- http://example.com到https://www.example.com有效
- http://www.example.com到https://www.example.com有效
- https://example.com到https://www.example.com不会重定向 - 只是解析为https://example.com
尝试了多个配置,仍然得出相同的结果。不确定它是否是配置字段中的元素顺序,如果我只是完全错误配置。
配置文件:
server {
server_name www.example.com example.com 123.123.123.123;
root /var/www/wdiu-new/web;
location / {
# try to serve file directly, fallback to app.php
try_files $uri /app.php$is_args$args;
}
# DEV
# This rule should only be placed on your development environment
# In production, don't include this and don't deploy app_dev.php or config.php
location ~ ^/(app_dev|config)\.php(/|$) {
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# When you are using symlinks to link the document root to the
# current version of your application, you should pass the real
# application path instead of the path to the symlink to PHP
# FPM.
# Otherwise, PHP's OPcache may not properly detect changes to
# your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
# for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
}
# PROD
location ~ ^/app\.php(/|$) {
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# When you are using symlinks to link the document root to the
# current version of your application, you should pass the real
# application path instead of the path to the symlink to PHP
# FPM.
# Otherwise, PHP's OPcache may not properly detect changes to
# your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
# for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
# Prevents URIs that include the front controller. This will 404:
# http://domain.tld/app.php/some-path
# Remove the internal directive to allow URIs like this
internal;
}
# return 404 for all other php files not matching the front controller
# this prevents access to other php files you don't want to be accessible.
location ~ \.php$ {
return 404;
}
error_log /var/log/nginx/project_error.log;
access_log /var/log/nginx/project_access.log;
# managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/new.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/new.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
listen 80;
server_name example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/new.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/new.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
return 301 https://www.example.com$request_uri;
}
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name www.example.com 123.123.123.123;
listen 80;
return 404; # managed by Certbot
}
您的第一个服务器块正在处理
example.com
.您应该删除该主机名,以便请求
example.com
落入包含重定向的以下服务器块。(实际上也删除了 IP 并将其移动到重定向主机,尽管如果您实际尝试使用,您可能会收到浏览器 SSL 警告
https://<ip>
)我想您希望此块 将https://example.com
server { listen 80; server_name example.com; return 301 https://www.example.com$request_uri; }
重定向到https://www.example.com但它不起作用,因为它只在端口 80 上侦听。
无论如何,您的服务器 {} 块中确实有很多冗余。我建议你组织得更好,否则你会一直遇到麻烦。