【问题标题】:A domain redirection loop on Laravel Forge, Nginx and SSL when redirecting from non-www domain to the www one从非 www 域重定向到 www 时,Laravel Forge、Nginx 和 SSL 上的域重定向循环
【发布时间】:2017-01-09 11:56:51
【问题描述】:

我在 Laravel Forge 上使用 Let's Encrypt 设置了 HTTPS,并使用 Laravel 中间件将非安全域重定向到安全域:

if ( env('APP_ENV') === 'production' ) {
    $request->setTrustedProxies([$request->getClientIp()]);

    if ( !$request->secure() ) {
        return redirect()->secure($request->getRequestUri());
    }
}

return $next($request);

这是我的example.com(不是实际的域)Nginx 配置:

# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/example.com/before/*;

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name example.com;
    root /home/forge/example.com/public;

    # FORGE SSL (DO NOT REMOVE!)
    ssl_certificate /etc/nginx/ssl/example.com/120143/server.crt;
    ssl_certificate_key /etc/nginx/ssl/example.com/120143/server.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers '[...]';
    ssl_prefer_server_ciphers on;
    ssl_dhparam /etc/nginx/dhparams.pem;

    index index.html index.htm index.php;

    charset utf-8;

    # FORGE CONFIG (DOT NOT REMOVE!)
    include forge-conf/example.com/server/*;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/example.com-error.log error;

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }
}

# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/example.com/after/*;

这是我的www.example.com 配置:

# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/www.example.com/before/*;

server {
    listen 80;
    server_name www.example.com;
    return 301 $scheme://example.com$request_uri;
}

# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/www.example.com/after/*;

一切正常,HTTP 重定向到 HTTPS,www 重定向到非 www,但我想做相反的事情,将非 www 重定向到 www。我加了

return 301 $scheme://www.example.com$request_uri;

example.com 并在www.example.com 配置中将其注释掉以删除循环,但它不起作用:

www.example.com redirected you too many times.

我也尝试将非www配置的内容复制到www配置,并在那里听443,但它仍然无休止地重定向。我究竟做错了什么?感谢您的宝贵时间。

【问题讨论】:

    标签: laravel nginx laravel-forge


    【解决方案1】:

    我会建议以下方法:

    www.example.com 应该看起来像

    # FORGE CONFIG (DOT NOT REMOVE!)
    include forge-conf/www.example.com/before/*;
    
    server {
        listen 80;
        server_name www.example.com;
        return 301 https://www.example.com$request_uri;
    }
    
    server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        server_name www.example.com;
        root /home/forge/example.com/public;
    
        # FORGE SSL (DO NOT REMOVE!)
        ssl_certificate /etc/nginx/ssl/example.com/120143/server.crt;
        ssl_certificate_key /etc/nginx/ssl/example.com/120143/server.key;
    
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers '[...]';
        ssl_prefer_server_ciphers on;
        ssl_dhparam /etc/nginx/dhparams.pem;
    
        index index.html index.htm index.php;
    
        charset utf-8;
    
        # FORGE CONFIG (DOT NOT REMOVE!)
        include forge-conf/example.com/server/*;
    
        location / {
            try_files $uri $uri/ /index.php?$query_string;
        }
    
        location = /favicon.ico { access_log off; log_not_found off; }
        location = /robots.txt  { access_log off; log_not_found off; }
    
        access_log off;
        error_log  /var/log/nginx/example.com-error.log error;
    
        error_page 404 /index.php;
    
        location ~ \.php$ {
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
            fastcgi_index index.php;
            include fastcgi_params;
        }
    
        location ~ /\.ht {
            deny all;
        }
    }
    # FORGE CONFIG (DOT NOT REMOVE!)
    include forge-conf/www.example.com/after/*;
    

    example.com 应该是这样的

    # FORGE CONFIG (DOT NOT REMOVE!)
    include forge-conf/example.com/before/*;
    
    server {
        listen 80;
        server_name example.com;
        return 301 $scheme://www.example.com$request_uri;
    }
    
    include forge-conf/example.com/after/*;
    

    【讨论】:

    • 同样的事情:domain redirected you too many times。如果我关注 www 域,由于某种原因,我会被重定向到非 www 域;我确实重启了 Nginx。
    • 你清理浏览器缓存了吗? @Banandrew
    • 是的。刚刚在完全清理过的其他浏览器中尝试过,同样的错误。
    【解决方案2】:

    只需切换配置,通过在这些配置文件中将 www 添加到非 www 来切换。另外,因为您使用的是 Lets Encrypt for SSL,您可能需要切换 ssl_certificatessl_certificate_key 的配置以指向正确的文件,

    ssl_certificate /etc/nginx/ssl/www.example.com/120143/server.crt;
    ssl_certificate_key /etc/nginx/ssl/www.example.com/120143/server.key;
    

    只需重新启动计算机即可刷新网络缓存。

    【讨论】:

    • 我做了,没用。 /etc/nginx/ssl下没有www版本的证书/密钥,我尝试复制它们并在相应的配置中更改路径,但也没有用。
    • 你不复制它,而是用加密创建它./letsencrypt-auto certonly -a webroot --webroot-path=/var/www/html -d example.com -d www.example.com
    【解决方案3】:

    一切正常,HTTP 重定向到 HTTPS,www 重定向到非 www,但我想做相反的事情,将非 www 重定向到 www。

    根据Force WWW behind an AWS EC2 Load Balancer,发生这种情况是因为默认的forge-conf/example.com/before/redirect.conf(您从未提及但仍必须包含在内)仍必须包含server 定义与server_name www.example.comreturn 301 $scheme://example.com$request_uri;,因此,当你尝试在你自己的配置中做相反的redirect,加上仍然必须保留的默认配置,你创建了一个完整的重定向循环。

    【讨论】:

      猜你喜欢
      • 2020-12-31
      • 1970-01-01
      • 2014-03-25
      • 2017-08-10
      • 2016-04-02
      • 1970-01-01
      • 2011-04-01
      • 1970-01-01
      • 2017-06-20
      相关资源
      最近更新 更多