V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
V2EX 提问指南
kmdd33
V2EX  ›  问与答

深夜近 3 点,还在处理问题, chrome 浏览器显示 www.mydomain.com 将您重定向的次数过多??!!

  •  
  •   kmdd33 · 2017-04-08 02:57:09 +08:00 via iPad · 7834 次点击
    这是一个创建于 2790 天前的主题,其中的信息可能已经有所发展或是发生改变。

    环境: lnmp,申请了免费的腾讯 ssl 证书, cloudflare 的 crypto 修改 ssl 为 full

    我的 nginx.conf 配置如下:

    ` user www www;

    worker_processes auto;

    error_log /home/wwwlogs/nginx_error.log crit;

    pid /usr/local/nginx/logs/nginx.pid;

    #Specifies the value for maximum file descriptors that can be opened by this process. worker_rlimit_nofile 51200;

    events { use epoll; worker_connections 51200; multi_accept on; }

    http {

    map $http_cf_ipcountry $allow {
    default yes;
    CN yes;
    RU no;
    US yes;
    }
    include       mime.types;
    default_type  application/octet-stream;
    
    server_names_hash_bucket_size 128;
    client_header_buffer_size 32k;
    large_client_header_buffers 4 32k;
    client_max_body_size 50m;
    
    sendfile   on;
    tcp_nopush on;
    
    keepalive_timeout 60;
    
    tcp_nodelay on;
    
    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 4 64k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 256k;
    
    gzip on;
    gzip_min_length  1k;
    gzip_buffers     4 16k;
    gzip_http_version 1.1;
    gzip_comp_level 2;
    gzip_types     text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/xml+rss;
    gzip_vary on;
    gzip_proxied   expired no-cache no-store private auth;
    gzip_disable   "MSIE [1-6]\.";
    
    #limit_conn_zone $binary_remote_addr zone=perip:10m;
    ##If enable limit_conn_zone,add "limit_conn perip 10;" to server section.
    
    server_tokens off;
    access_log off;
    

    server {

    listen 80; server_name www.mydomain.com; return 301 https://www.mydomain.com$request_uri;

    }

    server{

    if ($allow = no) { return 403; }

    location ~ /.well-known { allow all; }

     listen 443 default ssl;
    #listen [::]:80 default_server ipv6only=on;
    server_name www.mydomain.com.com;
    ssl_certificate /usr/local/nginx/conf/1_www.mydomain.com_bundle.crt;
    ssl_certificate_key /usr/local/nginx/conf/2_www.mydomain.com.key;
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;
    index index.html index.htm index.php;
    root  /home/wwwroot/default;
    
    #error_page   404   /404.html;
    include enable-php.conf;
    
    location /nginx_status
    {
        stub_status on;
        access_log   off;
    }
    
    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
    {
        expires      30d;
    }
    
    location ~ .*\.(js|css)?$
    {
        expires      12h;
    }
    
    
    
    
    location ~ /\.
    {
        deny all;
    }
    
    
    access_log  /home/wwwlogs/access.log;
    

    } include vhost/*.conf; }

    
    
    
    参考了教程: https://www.v2ex.com/t/275074...
    
    http://stackoverflow.com/questions/35143193/cloudflare-and-nginx-too-many-redirects
    
    和 https://www.qcloud.com/docume...
    
    http://www.wuce.org/cloudflare-felxible-ssl-rediction-loop/
    重启: lnmp nginx restart 出现警告:
    
    toping nginx... nginx: [warn] conflicting server name "www.mydomain.com" on 0.0.0.0:80, ignored
    
    怎么办?怎么办?
    
    13 条回复    2017-04-08 23:20:57 +08:00
    kmdd33
        1
    kmdd33  
    OP
       2017-04-08 02:59:10 +08:00 via iPad
    http://stackoverflow.com/questions/35143193/cloudflare-and-nginx-too-many-redirects
    stackoverflow 有人说可以设置 302 临时,这个管用吗?如何修改成 302 重定向?
    misaka19000
        2
    misaka19000  
       2017-04-08 03:03:28 +08:00 via Android
    Marfal
        3
    Marfal  
       2017-04-08 03:03:35 +08:00
    https://pastebin.com/

    可以把配置发在这
    yangqi
        4
    yangqi  
       2017-04-08 03:19:26 +08:00
    你 vhosts/文件夹里面是不是还有多余的 conf 文件?
    kmdd33
        5
    kmdd33  
    OP
       2017-04-08 03:58:31 +08:00 via iPad
    @yangqi 我现在去查看一下这个文件夹
    kmdd33
        6
    kmdd33  
    OP
       2017-04-08 04:00:47 +08:00 via iPad
    @Marfal 我也不清楚, nginx.conf 文件里面的设置正确吗?
    crystom
        7
    crystom  
       2017-04-08 04:02:53 +08:00 via iPhone
    第二段 sever 开始处加上 listen 443; sever_name www.mydomain.com;
    crystom
        8
    crystom  
       2017-04-08 04:13:49 +08:00 via iPhone
    e 好像不是这样,看走眼了
    kmdd33
        9
    kmdd33  
    OP
       2017-04-08 04:50:44 +08:00 via iPad
    @misaka19000 .com 那个疏忽错误已经修改过来,谢谢,观察的很细。
    kmdd33
        10
    kmdd33  
    OP
       2017-04-08 20:56:24 +08:00
    没有 vhosts 这个文件夹, whereis vhost 和 vhosts 都没有提示
    kmdd33
        11
    kmdd33  
    OP
       2017-04-08 20:56:36 +08:00
    yangqi
        12
    yangqi  
       2017-04-08 22:36:54 +08:00
    access_log 打开然后看一下怎么回事
    kmdd33
        13
    kmdd33  
    OP
       2017-04-08 23:20:57 +08:00
    看到了最近请求的一些信息,没看出来什么毛病啊?
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   4881 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 22ms · UTC 09:58 · PVG 17:58 · LAX 01:58 · JFK 04:58
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.