您的位置: 首页  >  技术问答  >  Nginx 配置导致无限重定向循环

Nginx 配置导致无限重定向循环

分类: 技术问答 2022-05-03 17:33:17
问题描述:

所以我查看了我能找到的每个示例配置,但每次我尝试查看需要 ssl 的页面时,我最终都会进入重定向循环.我正在运行 nginx/0.8.53 和乘客 3.0.2.

So I've looked at every sample configuration I could find and yet every time I try and view a page that requires ssl, I end up in an redirect loop. I'm running nginx/0.8.53 and passenger 3.0.2.

这里是ssl配置

server  {
  listen 443 default ssl;
  server_name <redacted>.com www.<redacted>.com;
  root /home/app/<redacted>/public;
  passenger_enabled on;
  rails_env production;  
  ssl_certificate      /home/app/ssl/<redacted>.com.pem;
  ssl_certificate_key  /home/app/ssl/<redacted>.key;

  proxy_set_header  X-Real-IP  $remote_addr;
  proxy_set_header  X_FORWARDED_PROTO https;
  proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header  Host $http_host;
  proxy_set_header  X-Url-Scheme $scheme;
  proxy_redirect    off;
  proxy_max_temp_file_size 0;

  location /blog {
    rewrite ^/blog(/.*)?$ http://blog.<redacted>.com/$1 permanent;
  }

  location ~* .(js|css|jpg|jpeg|gif|png)$ {
    if (-f $request_filename) {
      expires      max;
      break;
    }
  }

  error_page   500 502 503 504  /50x.html;
  location = /50x.html {
    root   html;
  }
}

这是非 ssl 配置

server  {
  listen 80;
  server_name <redacted>.com www.<redacted>.com;
  root /home/app/<redacted>/public;
  passenger_enabled on;
  rails_env production;  

  location /blog {
    rewrite ^/blog(/.*)?$ http://blog.<redacted>.com/$1 permanent;
  }

  location ~* .(js|css|jpg|jpeg|gif|png)$ {
    if (-f $request_filename) {
      expires      max;
      break;
    }
  }

  error_page   500 502 503 504  /50x.html;
  location = /50x.html {
    root   html;
  }
}

如果我可以提供任何其他信息来帮助诊断问题,请告诉我.

Let me know if there's any additional info I can give to help diagnose the issue.

这里是您的专线:

  listen 443 default ssl;

改为:

listen 443;
ssl on;

这我称之为旧风格.此外,还有

This I'll call the old style. Also, that along with

              proxy_set_header X_FORWARDED_PROTO https;
              proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
              proxy_set_header  Host $http_host;
              proxy_set_header  X-Url-Scheme $scheme;
              proxy_redirect    off;
              proxy_max_temp_file_size 0;

帮我解决了这个问题.我现在知道我缺少您拥有的真实 IP 线路,但到目前为止,这解决了我的 ssl_requirement 和 ssl_enforcer 无限循环问题.

did the trick for me. I see now i am missing the real IP line you have, but so far, this got rid of my infinite loop problem with ssl_requirement and ssl_enforcer.

相关推荐