nginx 子域 ssl 重定向重定向顶级域 [英] nginx subdomain ssl redirect redirects top level domain

问题描述

我为子域上的所有 HTTP 流量设置了重定向以通过 HTTPS，但我注意到当我访问 http://mydomain.com 时，它正在重定向到 https://subdomain.mydomain.com.https://mydomain.com 上没有遇到问题.

为了澄清，

http://mydomain.com 不应该重定向但它当前重定向到 https://subdomain.mydomain.com

http://subdomain.mydomain.com 应该重定向到 https://subdomain.mydomain.com.

这是我的 nginx 配置

服务器{听 *:80;server_name subdomain.mydomain.com;server_tokens 关闭；根/无处；# 这不必是有效路径，因为我们正在重定向，您不必更改它.重写 ^ https://$server_name$request_uri 永久；}服务器 {听 443 ssl；server_name subdomain.mydomain.com;server_tokens 关闭；.... 其他的东西 ...}

解决方案

引用自 http://nginx.org/en/docs/http/request_processing.html

<块引用>

nginx 首先决定哪个服务器应该处理请求.让我们从一个简单的配置开始，其中所有三个虚拟服务器监听端口 *:80:

服务器{听80；server_name example.org www.example.org;...}服务器 {听80；server_name example.net www.example.net;...}服务器 {听80；server_name example.com www.example.com;...}

<块引用>

在这个配置中，nginx 只测试请求的头字段主机"来确定应该将请求路由到哪个服务器.如果它的值不匹配任何服务器名称，或者请求不匹配包含这个头字段，然后 nginx 会将请求路由到此端口的默认服务器.在上面的配置中，默认服务器是第一个——这是 nginx 的标准默认值行为.

这意味着在您的示例中，当您向 http://mydomain.com 发出请求时，唯一可用的服务器块是 server_name subdomain.mydomain.com; 块，所以它重定向到 https.最简单的解决方案是创建一个名为的新服务器块，它只返回一个 http 状态代码，可能还有一条消息.例如

服务器{听80；server_name mydomain.com;返回403这里没什么可看的"；}

您也可以像这样使用 default_server listen 80 default_server; 以确保所有未配置"的主机名都将出现在此块中

I setup a redirect for all HTTP traffic on my subdomain to go through HTTPS but I noticed that when I visit http://mydomain.com it is redirecting to https://subdomain.mydomain.com. No problem is encountered on https://mydomain.com.

Just to clarify,

http://mydomain.com should not redirect but it currectly redirects to https://subdomain.mydomain.com

http://subdomain.mydomain.com should redirect to https://subdomain.mydomain.com.

This is my nginx conf

server {
    listen *:80;
    server_name subdomain.mydomain.com;
    server_tokens off;
    root /nowhere; # this doesn't have to be a valid path since we are redirecting, you don't have to change it.
    rewrite ^ https://$server_name$request_uri permanent;
}

server {
    listen 443 ssl;
    server_name subdomain.mydomain.com;
    server_tokens off;
    .... other stuff ...
}

解决方案

Quoting from http://nginx.org/en/docs/http/request_processing.html

nginx first decides which server should process the request. Let’s start with a simple configuration where all three virtual servers listen on port *:80:

server {
    listen      80;
    server_name example.org www.example.org;
    ...
}

server {
    listen      80;
    server_name example.net www.example.net;
    ...
}

server {
    listen      80;
    server_name example.com www.example.com;
    ...
}

In this configuration nginx tests only the request’s header field "Host" to determine which server the request should be routed to. If its value does not match any server name, or the request does not contain this header field at all, then nginx will route the request to the default server for this port. In the configuration above, the default server is the first one — which is nginx’s standard default behaviour.

That means that in your example, when you make a request to http://mydomain.com the only available server block to serve the request is the server_name subdomain.mydomain.com; block, so it redirects to https. The simplest solution is to create a new server block called which just returns a http status code and possibly a message. E.g.

server {
  listen 80;
  server_name mydomain.com;
  return 403 "nothing to see here";
}

You may also use default_server like this listen 80 default_server; to make sure that all 'unconfigured' hostnames will come in this block

这篇关于nginx 子域 ssl 重定向重定向顶级域的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！