我确信这只是一个基本的配置。我有一个wordpress多站点正在运行,带有基本域。我想实现简单的域映射,不幸的是,nginx-config的Wordpress文档非常缺乏。
9个月前,我尝试并成功地使用WU域映射插件做到了这一点,但这一次它不起作用,我宁愿让它在没有插件的情况下工作(旨在安装低插件WP(。
当然,我已经修改了网站部分的网站URL来测试这一点。
我目前拥有的是:
site1.com (working)
site2.site1.com (working)
site2.com (301 redirect loop)
我想要的是:
site1.com
site2.com
有什么建议需要添加到我的Nginx conf文件中吗?我当前的nginx conf文件与Digital Ocean Docker设置页面的文件基本相同:
server {
listen 80;
listen [::]:80;
server_name *.site1.com site1.com www.site1.com;
location ~ /.well-known/acme-challenge {
allow all;
root /var/www/html;
}
location / {
rewrite ^ https://$host$request_uri? permanent;
}
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
}
server {
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name site1.com www.site1.com;
index index.php index.html index.htm;
root /var/www/html;
server_tokens off;
ssl_certificate /etc/letsencrypt/live/site1.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/site1.com/privkey.pem;
include /etc/nginx/conf.d/options-ssl-nginx.conf;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
# enable strict transport security only if you understand the implications
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ .php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+.php)(/.+)$;
fastcgi_pass wordpress:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
location ~ /.ht {
deny all;
}
location = /favicon.ico {
log_not_found off; access_log off;
}
location = /robots.txt {
log_not_found off; access_log off; allow all;
}
location ~* .(css|gif|ico|jpeg|jpg|js|png)$ {
expires max;
log_not_found off;
}
}
更新:
如果我登录并运行nginx
命令,请检查nginx Docker,我会收到以下错误消息:编辑-这也发生在工作配置上,所以我猜这可能是转移注意力
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2021/03/18 10:07:11 [emerg] 29#29: bind() to [::]:80 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
2021/03/18 10:07:11 [emerg] 29#29: bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
2021/03/18 10:07:11 [emerg] 29#29: bind() to [::]:443 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:443 failed (98: Address already in use)
2021/03/18 10:07:11 [emerg] 29#29: still could not bind()
在容器中,netstat为端口80/443提供了以下信息:
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1/nginx: master pro
tcp 0 0 172.18.0.2:38422 199.232.138.132:80 TIME_WAIT -
tcp6 0 0 :::80 :::* LISTEN 1/nginx: master pro
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1/nginx: master pro
tcp6 0 0 :::443 :::* LISTEN 1/nginx: master pro
在集装箱外,它似乎只正确运行了一个端口:
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 1298/docker-proxy
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1313/docker-proxy
编辑(18/3/21(:
刚刚从另一个IP地址的工作备份中进行了恢复,但我对这个特定的域仍然有问题。有趣的是,我跨越了另一个不同域的网站,这个网站正在工作!
我会检查配置,看看里面是否有什么不同,如果没有,我想我需要走DNS路线,检查它是否正确地针对我的主机。
天哪,那真是一场胡言乱语。经过几天的努力,它变成了Cloudflare SSL。今天确实注意到了,但没有注意到。
事情指向DNS/SSL,但不确定它可能是什么。在这里找到了Cloudflare SSL设置的参考,在网站的SSL/TLS设置中,我将加密模式设置为灵活,它们应该是完整。设置它,它现在就工作了。我觉得我已经解决了这个问题,这次最好把它记得更清楚!