【发布时间】:2015-12-10 15:25:22
【问题描述】:
我在 xyz.com 上有一个网站,在 xyz.com/piwik 上有一个 piwik。 Piwik 运行良好,但不幸的是,并非所有由 piwik 请求的数据都由服务器处理。
我观察到如下行为:
xyz.com/piwik/ -> 错误
xyz.com/piwik/index.php -> 很好
xyz.com/piwik/?module=... -> 错误
nginx.conf
# Configuration containing list of application servers
upstream wsgi_cluster {
server ***.***.112.44:5000;
}
# Default server configuration
#
server {
listen 80;
error_log /var/log/nginx/http.error.log warn;
server_name xxx;
return 301 https://$server_name$request_uri;
}
# HTTPS server
server {
listen 443 ssl;
server_name xxx;
auth_basic "Restricted";
root /usr/share/nginx/html;
index index.html index.htm;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
error_log /var/log/nginx/https.error.log warn;
charset utf-8;
location /piwik/ {
location ~ /piwik/(.*\.php)(/.*)?$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
#fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass unix:/var/run/php5-fpm.sock;
#fastcgi_index index.php;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
}
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 60s;
proxy_send_timeout 90s;
proxy_read_timeout 90s;
proxy_buffering off;
proxy_temp_file_write_size 64k;
proxy_pass http://wsgi_cluster;
proxy_redirect off;
}
# Deny certain User-Agents (case insensitive)
# The ~* makes it case insensitive as opposed to just a ~
if ($http_user_agent ~* "Baiduspider|Jullo|AcoiRobot" ) {
return 403;
}
error_page 502 /502.html;
location = /502.html {
root /etc/nginx/;
internal;
}
error_page 401 /401.html;
location = /401.html {
root /etc/nginx/;
internal;
}
}
我的站点.conf
# Configuration containing list of application servers
upstream wsgi_cluster {
server ***.***.112.44:5000;
}
# Default server configuration
#
server {
listen 80;
error_log /var/log/nginx/http.error.log warn;
server_name xxx;
return 301 https://$server_name$request_uri;
}
# HTTPS server
server {
listen 443 ssl;
server_name xxx;
auth_basic "Restricted";
root /usr/share/nginx/html;
index index.html index.htm;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
error_log /var/log/nginx/https.error.log warn;
charset utf-8;
location /piwik/ {
location ~ /piwik/(.*\.php)(/.*)?$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
#fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass unix:/var/run/php5-fpm.sock;
#fastcgi_index index.php;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
}
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 60s;
proxy_send_timeout 90s;
proxy_read_timeout 90s;
proxy_buffering off;
proxy_temp_file_write_size 64k;
proxy_pass http://wsgi_cluster;
proxy_redirect off;
}
# Deny certain User-Agents (case insensitive)
# The ~* makes it case insensitive as opposed to just a ~
if ($http_user_agent ~* "Baiduspider|Jullo|AcoiRobot" ) {
return 403;
}
error_page 502 /502.html;
location = /502.html {
root /etc/nginx/;
internal;
}
error_page 401 /401.html;
location = /401.html {
root /etc/nginx/;
internal;
}
}
【问题讨论】: