仅在 https 上出现禁止 403 错误,但 url http 工作正常
Getting forbidden 403 error only on https but url http working fine
在我的服务器上,我在 root 上有 wordpress 站点,在 wordpress 中有 codeigniter 项目作为子文件夹,我为 codeigniter 项目创建了子域。两者在没有 SSL 的情况下都工作正常现在我想在子域项目上应用 SSL,同时在这个问题上应用 ssl。当我使用 https://subdomain.example.com 打开网站时,它给我禁止的 403 错误。
以下是我在 apache 上托管的网站示例。我的根 wordpress 项目有符号 link。
http://example.com - 工作正常 - root 上的 wordpress 项目
http://subdomain.example.com - 工作正常 - wordpress 项目文件夹下的 codeigniter 项目
https://subdomain.example.com - 出现禁止错误
以下是我的apache ssl虚拟主机文件数据。
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAlias subdomain.example.com
ServerName subdomain.example.com
DocumentRoot /var/www/html/wordpress
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /home/ubuntu/wordpress/cdq/my-ssl-certifications/fc1d71b08ac8aab1.crt
SSLCertificateKeyFile /home/ubuntu/wordpress/cdq/my-ssl-certifications/host.key
SSLCertificateChainFile /home/ubuntu/wordpress/cdq/my-ssl-certifications/gd_bundle-g2-g1.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
<Directory /var/www/html/wordpress>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
</IfModule>
wordpress项目的htaccess
RewriteEngine On
RewriteCond %{HTTP_HOST} subdomain.example.com$
RewriteCond %{REQUEST_URI} !^/subfolder
RewriteRule ^(.*)$ /subfolder/ [L]
RewriteBase /
RewriteRule ^index\.php$ - [L]
# add a trailing slash to /wp-admin
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^(wp-(content|admin|includes).*) [L]
RewriteRule ^(.*\.php)$ [L]
RewriteRule . index.php [L]
子文件夹项目的 htaccess
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^(.*)$ /index.php/ [L]
您的配置中存在一些与权限相关的问题:
<Directory /var/www/html/wordpress>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
所有文件都需要授权。所以你所要做的就是让它像:
<Directory "/var/www/html/wordpress">
AllowOverride All
</Directory>
P.S. 我已经修改了你的文件,你可以这样使用它:
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAlias subdomain.example.com
ServerName subdomain.example.com
DocumentRoot /var/www/html/wordpress
<Directory "/var/www/html/wordpress">
AllowOverride All
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /home/ubuntu/wordpress/cdq/my-ssl-certifications/fc1d71b08ac8aab1.crt
SSLCertificateKeyFile /home/ubuntu/wordpress/cdq/my-ssl-certifications/host.key
SSLCertificateChainFile /home/ubuntu/wordpress/cdq/my-ssl-certifications/gd_bundle-g2-g1.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
没有大的变化。我只是根据我的工作文件修改它。希望对你有帮助。
问题终于解决了。问题在于项目文件夹结构的权限。现在一切正常
在我的服务器上,我在 root 上有 wordpress 站点,在 wordpress 中有 codeigniter 项目作为子文件夹,我为 codeigniter 项目创建了子域。两者在没有 SSL 的情况下都工作正常现在我想在子域项目上应用 SSL,同时在这个问题上应用 ssl。当我使用 https://subdomain.example.com 打开网站时,它给我禁止的 403 错误。
以下是我在 apache 上托管的网站示例。我的根 wordpress 项目有符号 link。
http://example.com - 工作正常 - root 上的 wordpress 项目
http://subdomain.example.com - 工作正常 - wordpress 项目文件夹下的 codeigniter 项目
https://subdomain.example.com - 出现禁止错误
以下是我的apache ssl虚拟主机文件数据。
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAlias subdomain.example.com
ServerName subdomain.example.com
DocumentRoot /var/www/html/wordpress
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /home/ubuntu/wordpress/cdq/my-ssl-certifications/fc1d71b08ac8aab1.crt
SSLCertificateKeyFile /home/ubuntu/wordpress/cdq/my-ssl-certifications/host.key
SSLCertificateChainFile /home/ubuntu/wordpress/cdq/my-ssl-certifications/gd_bundle-g2-g1.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
<Directory /var/www/html/wordpress>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
</IfModule>
wordpress项目的htaccess
RewriteEngine On
RewriteCond %{HTTP_HOST} subdomain.example.com$
RewriteCond %{REQUEST_URI} !^/subfolder
RewriteRule ^(.*)$ /subfolder/ [L]
RewriteBase /
RewriteRule ^index\.php$ - [L]
# add a trailing slash to /wp-admin
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^(wp-(content|admin|includes).*) [L]
RewriteRule ^(.*\.php)$ [L]
RewriteRule . index.php [L]
子文件夹项目的 htaccess
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^(.*)$ /index.php/ [L]
您的配置中存在一些与权限相关的问题:
<Directory /var/www/html/wordpress>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
所有文件都需要授权。所以你所要做的就是让它像:
<Directory "/var/www/html/wordpress">
AllowOverride All
</Directory>
P.S. 我已经修改了你的文件,你可以这样使用它:
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAlias subdomain.example.com
ServerName subdomain.example.com
DocumentRoot /var/www/html/wordpress
<Directory "/var/www/html/wordpress">
AllowOverride All
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /home/ubuntu/wordpress/cdq/my-ssl-certifications/fc1d71b08ac8aab1.crt
SSLCertificateKeyFile /home/ubuntu/wordpress/cdq/my-ssl-certifications/host.key
SSLCertificateChainFile /home/ubuntu/wordpress/cdq/my-ssl-certifications/gd_bundle-g2-g1.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
没有大的变化。我只是根据我的工作文件修改它。希望对你有帮助。
问题终于解决了。问题在于项目文件夹结构的权限。现在一切正常