【发布时间】:2021-02-28 01:26:39
【问题描述】:
我在在线获取我的网站时遇到了一些困难。尽管我在端口 447 (nicer.app) 上有一个类似的站点,但这个 zoned.at 站点不会超过它在浏览器中的 ERR_CONNECTION_REFUSED 状态。
我在 ubuntu 20.04 上使用 nginx 和 apache2。
“netstat -tulpn | grep 448” 什么都不返回,但是“service apache2 restart”和“service nginx restart”也什么都不返回,表示没有错误,并且日志中也没有任何内容(/var/logs/apache2/error.448.log 和 /var/logs/nginx /error.log)
这是我的 apache 配置部分:
<VirtualHost *:448>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerName zoned.at
ServerAdmin rene.veerman.netherlands@gmail.com
DocumentRoot /home/rene/data1/htdocs/zoned.at
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
#LogLevel info ssl:warn
LogLevel debug ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.448.log
CustomLog ${APACHE_LOG_DIR}/access.448.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
<Directory /home/rene/data1/htdocs/zoned.at>
Options -Indexes +FollowSymLinks
AllowOverride All
Require all granted
</Directory>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS +RC4 RC4"
SSLCertificateFile /etc/letsencrypt/live/zoned.at/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/zoned.at/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/zoned.at/fullchain.pem
</VirtualHost>
这是我的 nginx 配置部分:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name zoned.at;
root /home/rene/data1/htdocs/zoned.at;
large_client_header_buffers 4 32k;
ssl_certificate /etc/letsencrypt/live/zoned.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/zoned.at/privkey.pem;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers 'kEECDH+ECDSA+AES128 kEECDH+ECDSA+AES256 kEECDH+AES128 kEECDH+AES256 kEDH+AES128 kEDH+AES256 DES-CBC3-SHA +SHA !aNULL !eNULL !LOW !kECDH !DSS !MD5 !RC4 !EXP !PSK !SRP !CAMELLIA !SEED';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;
location / {
proxy_pass https://192.168.178.21:448/;
proxy_redirect off;
proxy_buffering off;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Ssl on;
proxy_connect_timeout 159s;
proxy_send_timeout 60;
proxy_read_timeout 60;
send_timeout 60;
resolver_timeout 60;
}
}
【问题讨论】:
-
更新:apachectl configtest 返回“语法正常”
-
更新:我还没有将端口输入/etc/apache2/ports.conf,但这还没有解决我的问题。 ERR_CONNECTION_REFUSED 仍然是浏览器的答案,但我确实设法得到 netstat -tulpn | grep apache 实际上将 448 列为现在正在侦听的端口。搜索继续!
-
更新:sudo ufw allow 448 无效,但需要 。