Linux nginx默认站点不';他似乎不在工作
我已经让nginx作为反向代理在docker中运行了一段时间,它工作得非常好,除了最近出现的一个小问题 我想要什么:当用户访问我的nginx服务器,但没有为URL指定.conf文件时,404/444或其他一些HTTP响应会断开连接 我看到的:当用户导航到sudomain.url.com,并且在我的*.conf文件中没有指定该子域时,nginx使用它找到的第一个conf文件-忽略default.conf。请在下面找到我的详细信息 你能提供的任何其他提示/窍门也会很棒 nginx.conf:Linux nginx默认站点不';他似乎不在工作,linux,nginx,docker,proxy,reverse-proxy,Linux,Nginx,Docker,Proxy,Reverse Proxy,我已经让nginx作为反向代理在docker中运行了一段时间,它工作得非常好,除了最近出现的一个小问题 我想要什么:当用户访问我的nginx服务器,但没有为URL指定.conf文件时,404/444或其他一些HTTP响应会断开连接 我看到的:当用户导航到sudomain.url.com,并且在我的*.conf文件中没有指定该子域时,nginx使用它找到的第一个conf文件-忽略default.conf。请在下面找到我的详细信息 你能提供的任何其他提示/窍门也会很棒 nginx.conf: use
user nginx;
worker_processes 1;
error_log /etc/nginx/log/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /etc/nginx/log/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 70;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
default.conf:
server {
server_name _;
listen 80 default_server;
return 444;
}
server {
server_name _;
listen 443 default_server;
return 444;
}
conf文件的示例(可能有十几个):
我还没有实际测试过这个,但我的直觉是你的listen指令不应该包含主机名。它们应该包含要侦听的接口的IP地址和要侦听的端口。然后,对于每个不同的端口/IP组合,可以指定其中一个作为默认值 只有在解析请求发往哪个IP地址以及它在哪个端口上之后,nginx才开始实际处理请求。这里的第一步是检查主机头,如果它找到一个匹配的服务器块作为主机头的值,那么这就是它应该路由的地方。如果找不到,则应路由到默认值 如果没有收到主机头,我认为,在较新版本的nginx中,它将删除请求,但是它以前只会通过发送到IP/端口组合的默认服务器来处理这个问题 下面是一个nginx.conf,它为命名服务器提供了工作端点,并为其他所有内容返回404。由于HSTS头文件的原因,您需要点击test.se{1,2,3,4}.home-v.ind.in查看它的工作情况,否则您将返回浏览器错误
user nginx;
worker_processes auto;
error_log stderr notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
keepalive_timeout 300s;
ssl_certificate /etc/pki/nginx/fullchain.pem;
ssl_certificate_key /etc/pki/nginx/privkey.pem;
ssl_dhparam /etc/pki/nginx/dhparams.pem;
ssl_protocols TLSv1.2;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_buffer_size 1400;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/pki/nginx/fullchain.pem;
add_header "Cache-Control" "no-transform";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
resolver 8.8.8.8 8.8.4.4 216.146.35.35 216.146.36.36 valid=60s;
resolver_timeout 2s;
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name test.se1.home-v.ind.in;
root /usr/share/nginx/html;
location /.well-known { satisfy any; allow all; try_files $uri $uri/ =404; }
location /robots.txt { satisfy any; allow all; add_header Content-Type text/plain; return 200 "User-agent: *\nDisallow: /\n"; }
location / { satisfy any; allow all; add_header Content-Type text/plain; return 200 "Test Site 1"; }
}
server {
listen 443 ssl http2;
server_name test.se2.home-v.ind.in;
root /usr/share/nginx/html;
location /.well-known { satisfy any; allow all; try_files $uri $uri/ =404; }
location /robots.txt { satisfy any; allow all; add_header Content-Type text/plain; return 200 "User-agent: *\nDisallow: /\n"; }
location / { satisfy any; allow all; add_header Content-Type text/plain; return 200 "Test Site 2"; }
}
server {
listen 443 ssl http2 default_server;
server_name _;
root /usr/share/nginx/html;
location /.well-known { satisfy any; allow all; try_files $uri $uri/ =404; }
location / { return 404; }
}
}
您的default.conf是否位于/etc/nginx/conf.d/default.conf中?是的,我应该注意到所有conf文件都位于/etc/nginx/conf.d/,应该包含在
include/etc/nginx/conf.d/*.conf中代码>我可以删除主机名,它们在那里进行测试(我在网上读到的东西)-最初看起来更像这样:listen80代码>无论哪种情况(有或没有),当您指向conf文件时,conf文件都可以工作-使用sub.domain.com使用正确的conf文件。我很困惑,然后,我将发布一个工作示例,该示例在一台服务器上工作,我已经在那里收听test.se1.home-v.ind.In,test.se2.home-v.ind.In,test.se3.home-v.ind.in和test.se4.home-v.ind.in se1和se2有合适的侦听器,其他所有内容都返回404。听起来不错,感谢您的帮助!期待着比较配置,看看我可能会在这里出错。更新了我的答案与nginx.conf服务多个网站,一些重定向到实际页面,而所有其他重定向到404。
user nginx;
worker_processes auto;
error_log stderr notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
keepalive_timeout 300s;
ssl_certificate /etc/pki/nginx/fullchain.pem;
ssl_certificate_key /etc/pki/nginx/privkey.pem;
ssl_dhparam /etc/pki/nginx/dhparams.pem;
ssl_protocols TLSv1.2;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_buffer_size 1400;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/pki/nginx/fullchain.pem;
add_header "Cache-Control" "no-transform";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
resolver 8.8.8.8 8.8.4.4 216.146.35.35 216.146.36.36 valid=60s;
resolver_timeout 2s;
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name test.se1.home-v.ind.in;
root /usr/share/nginx/html;
location /.well-known { satisfy any; allow all; try_files $uri $uri/ =404; }
location /robots.txt { satisfy any; allow all; add_header Content-Type text/plain; return 200 "User-agent: *\nDisallow: /\n"; }
location / { satisfy any; allow all; add_header Content-Type text/plain; return 200 "Test Site 1"; }
}
server {
listen 443 ssl http2;
server_name test.se2.home-v.ind.in;
root /usr/share/nginx/html;
location /.well-known { satisfy any; allow all; try_files $uri $uri/ =404; }
location /robots.txt { satisfy any; allow all; add_header Content-Type text/plain; return 200 "User-agent: *\nDisallow: /\n"; }
location / { satisfy any; allow all; add_header Content-Type text/plain; return 200 "Test Site 2"; }
}
server {
listen 443 ssl http2 default_server;
server_name _;
root /usr/share/nginx/html;
location /.well-known { satisfy any; allow all; try_files $uri $uri/ =404; }
location / { return 404; }
}
}