服务器块没有正确路由#nginxhelp [英] Server block not routing correctly #nginxhelp

问题描述

我已经设置了一个带有多个服务器块的 NGINX 服务器.我已经配置了 2 个简单的网站在同一台服务器上运行.它们指向在各自的服务器块文件中指定的两个不同的根路径.

I have setup an NGINX server with multiple server blocks. I have configured 2 simple websites to run on the same server. They point to two different root paths specified in the respective server block file.

我已经更新了两个域的 DNS 详细信息:

I have updated the DNS details for both the domains:

名称服务器:根据注册商更新详细信息

Name Servers: updated details as per registrar

A 记录:更新相同的静态 IP 地址

A records: updated same static IP address

但是，当我在浏览器中使用 domain2.com 进行测试时，它会重定向到 domain1.com.我究竟做错了什么?我已经使用以下命令重新启动了 nginx 服务器:

However, when I test with domain2.com in the browser, it redirects to domain1.com. What am I doing wrong? I have already restarted the nginx server using:

sudo systemctl restart nginx

这是我的服务器块的样子:

This is how my server block looks like:

# Default server configuration
#
server {

    root /var/www/domain1.com/html;

    # Add index.php to the list if you are using PHP
    index index.php index.html index.htm index.nginx-debian.html;

    server_name domain1.com www.domain1.com;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        # try_files $uri $uri/ =404;
                try_files $uri $uri/ /index.php?q=$uri&$args; 
    }

    # pass PHP scripts to FastCGI server
    #
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
    #
    #   # With php-fpm (or other unix sockets):
        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
    #   # With php-cgi (or other tcp sockets):
    #   fastcgi_pass 127.0.0.1:9000;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #   deny all;
    #}

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/domain1.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/domain1.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}

server {
    if ($host = www.domain1.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = domain1.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    listen [::]:80;

    server_name domain1.com www.domain1.com;
    return 404; # managed by Certbot

}

这是我的第二个服务器块文件:

This is my second server block file:

# Default server configuration
#
server {
        listen 80;
        listen [::]:80;

    root /var/www/domain2.com/html;

    # Add index.php to the list if you are using PHP
    index index.php index.html index.htm index.nginx-debian.html;

    server_name domain2.com www.domain2.com;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        # try_files $uri $uri/ =404;
                try_files $uri $uri/ /index.php?q=$uri&$args; 
    }

    # pass PHP scripts to FastCGI server
    #
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
    #
    #   # With php-fpm (or other unix sockets):
        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
    #   # With php-cgi (or other tcp sockets):
    #   fastcgi_pass 127.0.0.1:9000;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #   deny all;
    #}
}

推荐答案

您的服务器块配置文件非常完美.不要改变任何东西.让我解释一下正在发生的事情.您的服务器块表明您安装了 certbot，可能用于为 domain1.com 部署 Lets Encrypt SSL 证书，而 domain2.com 的服务器块还没有任何由 certbot 管理的条目.这可能意味着您使用的是 domain1.com 的 ssl 证书，而不是 domain2.com.

Your server block configuration files are perfect. Do not change anything. Let me explain what is happening. Your server block indicates that you installed certbot, probably for deploying Lets Encrypt SSL certificates for domain1.com whereas the server block for domain2.com does not have any entry managed by certbot yet. This probably means that you are using ssl certificates for domain1.com but not for domain2.com.

在为 domain1.com 配置 SSL 证书时，您可能选择了将所有流量重定向到 SSL 的选项.发生的情况是，当 dns 服务器向您的 Web 服务器发送对 domain2.com 的请求时，它需要该域的 SSL 证书，但没有找到.然后它将所有流量重定向到安装了有效 SSL 证书的现有域.

At the time of configuring SSL certificates for domain1.com, you probably selected the option of redirecting all traffic to SSL. Whats happening is that when the dns servers send a request for domain2.com to your web server, it expects an SSL certificate for that domain but finds none. It then redirects all traffic to the existing domain which has a valid SSL certificate installed.

但是，证书上的域名 (domain1.com) 不得与 DNS 服务器传递给 domain2.com 的信息匹配.因此，它很可能会抛出有关无效 SSL 证书的错误或警告消息.

However, the domain name on the certificate (domain1.com) shall not match the information passed on by the DNS server for domain2.com. Hence, it shall, in all likelihood, throw an error or warning message regarding invalid SSL certificates.

解决方案:为 domain2.com 安装一个新的 SSL 证书，就像为 domain1.com 所做的一样，一切正常.

Solution: Install a new SSL certificate for domain2.com just like you did for domain1.com and everything should work fine.

让我知道它是否有效.

这篇关于服务器块没有正确路由#nginxhelp的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！