无法让 prerender.io nginx 配置与 https 重写一起使用

【问题标题】:Having trouble getting prerender.io nginx config to work with https rewrite无法让 prerender.io nginx 配置与 https 重写一起使用
【发布时间】:2016-04-19 00:16:06
【问题描述】:

我想我可能已经用我正在尝试编写的这个 nginx 配置咀嚼了更多的东西。我是 nginx 配置的新手,我正在尝试编写一个非常复杂的配置(至少对我而言)。任何帮助将不胜感激。

配置需要:

  1. 将 http $http_x_forwarded_proto 重定向到 https(https 在 ec2 负载均衡器处中断)
  2. 使用 prerender.io 的 nginx 中间件(可抓取单页应用程序的 seo)
  3. 将任何查询参数 (_escaped_fragment_=) 从 http 传递到 https
  4. 将所有子域请求重定向到https://example.com/c/$subdomain
  5. 允许http://example.com/healthcheck.txt 通过http(负载均衡器健康检查)

这是我当前的配置

server {
    listen 80;
    server_name example.com;

    root   /var/www/html/dist;
    index  index.html;

    error_log  /var/log/mysite/error.log;
    access_log /var/log/mysite/access.log;

    location /healthcheck.txt {
        break;
    }

    location / {
        try_files $uri @prerender;

        if ($http_x_forwarded_proto != "https") {
            set $urltest N;
        }

        if ($query_string) {
            set $urltest "${urltest}Y";
        }

        if ($urltest = N) {
            rewrite ^(.*)$ https://example.com$1 permanent;
        }

        if ($urltest = NY) {
            rewrite ^(.*)$ https://example.com$1?$query_string permanent;
        }
    }

    location @prerender {
        proxy_set_header X-Prerender-Token MY_TOKEN;

        set $prerender 0;
        if ($http_user_agent ~* "baiduspider|twitterbot|facebookexternalhit|rogerbot|linkedinbot|embedly|quora link preview|showyoubot|outbrain|pinterest|slackbot|vkShare|W3C_Validator") {
            set $prerender 1;
        }
        if ($args ~ "_escaped_fragment_") {
            set $prerender 1;
        }
        if ($http_user_agent ~ "Prerender") {
            set $prerender 0;
        }
        if ($uri ~ "\.(js|css|xml|less|png|jpg|jpeg|gif|pdf|doc|txt|ico|rss|zip|mp3|rar|exe|wmv|doc|avi|ppt|mpg|mpeg|tif|wav|mov|psd|ai|xls|mp4|m4a|swf|dat|dmg|iso|flv|m4v|torrent|ttf|woff)") {
            set $prerender 0;
        }

        #resolve using Google's DNS server to force DNS resolution and prevent caching of IPs
        resolver 8.8.8.8;

        if ($prerender = 1) {

            #setting prerender as a variable forces DNS resolution since nginx caches IPs and doesnt play well with load balancing
            set $prerender "service.prerender.io";
            rewrite .* /$scheme://$host$request_uri? break;
            proxy_pass http://$prerender;
        }
        if ($prerender = 0) {
            rewrite .* /index.html break;
        }
    }
}

server {
    listen 80;
    server_name ~^(?<sub>.+)\.example\.com$ ;

    rewrite ^ https://example.com/c/$sub;
}

这适用于项目 1 4 和 5,但项目 2 和 3 不起作用

  1. 使用 prerender.io 的 nginx 中间件

这根本不起作用,但是没有 https 重定向它确实起作用

  1. 将任何查询参数 (_escaped_fragment_=) 从 http 传递到 https

它可以工作,但是像这样复制查询参数:?_escaped_fragment_=&amp;_escaped_fragment_=

有人可以提供什么建议吗?

【问题讨论】:

    标签: nginx prerender


    【解决方案1】:

    我终于可以解决它了。我让 SSL 通过负载均衡器并到达服务器本身,这样我就不能简单地将 http 重定向到 https 而不必担心负载均衡器造成的复杂性。

    这是我更新的配置:

    server {
    listen 80;
    server_name ~^(?<sub>.+)\.example\.com$ ;

    if ($sub = 'www') {
        return 301 https://$host$request_uri;
    }

    if ($sub != '') {
        rewrite ^ https://example.com/c/$sub;
    }

    if ($sub = '') {
        return 301 https://$host$request_uri;
    }
}

server {
    listen 443;
    server_name example.com;

    ssl  on;
    ssl_certificate    /etc/ssl/star_example_com.pem;
    ssl_certificate_key    /etc/ssl/star_example_com.key;

    root /var/www/html/dist;
    index index.html;

    access_log /var/log/example/ssl.access.log;
    error_log /var/log/example/ssl.error.log;

    include /etc/nginx/content_redirects.conf;

    location / {
        try_files $uri @prerender;
    }

    location @prerender {
        proxy_set_header X-Prerender-Token MY_KEY;

        set $prerender 0;
        if ($http_user_agent ~* "baiduspider|twitterbot|facebookexternalhit|rogerbot|linkedinbot|embedly|quora link preview|showyoubot|outbrain|pinterest|slackbot|vkShare|W3C_Valid
ator") {
            set $prerender 1;
        }
        if ($args ~ "_escaped_fragment_") {
            set $prerender 1;
        }
        if ($http_user_agent ~ "Prerender") {
            set $prerender 0;
        }
        if ($uri ~ "\.(js|css|xml|less|png|jpg|jpeg|gif|pdf|doc|txt|ico|rss|zip|mp3|rar|exe|wmv|doc|avi|ppt|mpg|mpeg|tif|wav|mov|psd|ai|xls|mp4|m4a|swf|dat|dmg|iso|flv|m4v|torrent|
ttf|woff)") {
            set $prerender 0;
        }

        #resolve using Google's DNS server to force DNS resolution and prevent caching of IPs
        resolver 8.8.8.8;

        if ($prerender = 1) {

            #setting prerender as a variable forces DNS resolution since nginx caches IPs and doesnt play well with load balancing
            set $prerender "service.prerender.io";
            rewrite .* /https://$host$request_uri? break;
            proxy_pass http://$prerender;
        }
        if ($prerender = 0) {
            rewrite .* /index.html break;
        }
    }
}

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 1970-01-01
      • 2018-03-04
      • 1970-01-01
      • 2014-01-15
      • 1970-01-01
      • 2017-02-12
      • 2017-02-06
      • 2019-07-28
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode