如何在 Nginx 和清漆后面的 Apache 上解决 ERR_INVALID_REDIRECT 的 HTTPS Wordpress 网站?
How to solve ERR_INVALID_REDIRECT for an HTTPS Wordpress website on Apache behind Nginx and varnish?
我的网站主页returns“ERR_INVALID_REDIRECT”。该网站的所有其他页面都很好。它只是 returns 主页的这个问题(意思是:https://www.mywebsiteurl.com/)。
原因是 Wordpress 决定重定向到“https:///”(参见下面的屏幕截图:X-redirect-by:Wordpress)
我已经:
- 清除了我的浏览器缓存
- 重新启动 Nginx、Varnish 和 Apache
- 停用 wordpress 的插件
- 在我的 wp-config.php 文件中 WP_HOME 和 WP_SITEURL 设置正确。
我刚刚升级到 Wordpress: 5.6.1 并且昨天还更新了我的主题。升级前没有问题。所以问题肯定来自这些操作之一。
我的问题是,我还应该检查什么?
我可以采取哪些下一步行动来找出问题的根源?我能以某种方式进行任何高级调试吗?
非常感谢。
更新 #1
Mywebsite.conf
<VirtualHost *:8080>
ServerName www.mywebsite.com
DocumentRoot /var/www/wordpress/
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{User-agent}i\"" varnishcombined
ErrorLog /var/log/apache2/wordpress/mywebsite-error.log
CustomLog /var/log/apache2/wordpress/mywebsite-access.log varnishcombined
</VirtualHost>
wordpress.conf
<Directory /var/www/wordpress/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
<VirtualHost *:80>
ServerName 139.162.xx.xx #I masked the IP here
#Redirect permanent / http://www.mywebsite.com/
ServerAdmin webmaster@localhost
DocumentRoot /var/www/wordpress/
ErrorLog /var/log/apache2/wordpress/error.log
CustomLog /var/log/apache2/wordpress/access.log combined
<files xmlrpc.php>
order allow,deny
deny from all
</files>
</VirtualHost>
不应考虑来自 wordpress.com 的最后一个虚拟主机,因为 Apache 仅侦听端口 8080。
Nginx,我的前端网络服务器侦听端口 80 和 443。
更新#2
mywebsite.conf(Nginx 配置文件)
server {
listen 443;
server_name www.mywebsite.com;
port_in_redirect off;
ssl on;
ssl_certificate /etc/ssl/private/mywebsite.com.chained.crt;
ssl_certificate_key /etc/ssl/private/mywebsite_com_key.txt;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!dSS;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 60m;
add_header Strict-Transport-Security "max-age=31536000";
add_header X-Content-Type-Options nosniff;
location / {
proxy_pass http://127.0.0.1:6081;
proxy_read_timeout 90;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header HTTPS "on";
}
}
server {
listen 443 ssl;
server_name mywebsite.com;
return 301 https://www.mywebsite.com$request_uri;
}
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
更新 #3
#curl -v -H 'Host: www.mywebsite.com' http://127.0.0.1:8080/
* Expire in 0 ms for 6 (transfer 0x56356f708f50)
* Trying 127.0.0.1...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x56356f708f50)
* Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)
> GET / HTTP/1.1
> Host: www.mywebsite.com
> User-Agent: curl/7.64.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Date: Wed, 24 Feb 2021 14:32:06 GMT
< Server: Apache/2.4.38 (Debian)
< X-Redirect-By: WordPress
< Location: https://www.mywebsite.com/
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
<
* Connection #0 to host 127.0.0.1 left intact
知道了。
我的 wp-config.php 有错字(是 HTTP_X_FORWRDED_HOST 而不是 HTTP_X_FORWARDED_HOST)...
/**
* * Handle SSL reverse proxy
* */
if ($_SERVER[HTTP_X_FORWARDED_PROTO] == https)
$_SERVER[HTTPS]=on;
if (isset($_SERVER[HTTP_X_FORWARDED_HOST])) {
$_SERVER[HTTP_HOST] = $_SERVER[HTTP_X_FORWARDED_HOST];
}
我的网站主页returns“ERR_INVALID_REDIRECT”。该网站的所有其他页面都很好。它只是 returns 主页的这个问题(意思是:https://www.mywebsiteurl.com/)。
原因是 Wordpress 决定重定向到“https:///”(参见下面的屏幕截图:X-redirect-by:Wordpress)
我已经:
- 清除了我的浏览器缓存
- 重新启动 Nginx、Varnish 和 Apache
- 停用 wordpress 的插件
- 在我的 wp-config.php 文件中 WP_HOME 和 WP_SITEURL 设置正确。
我刚刚升级到 Wordpress: 5.6.1 并且昨天还更新了我的主题。升级前没有问题。所以问题肯定来自这些操作之一。
我的问题是,我还应该检查什么? 我可以采取哪些下一步行动来找出问题的根源?我能以某种方式进行任何高级调试吗?
非常感谢。
更新 #1
Mywebsite.conf
<VirtualHost *:8080>
ServerName www.mywebsite.com
DocumentRoot /var/www/wordpress/
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{User-agent}i\"" varnishcombined
ErrorLog /var/log/apache2/wordpress/mywebsite-error.log
CustomLog /var/log/apache2/wordpress/mywebsite-access.log varnishcombined
</VirtualHost>
wordpress.conf
<Directory /var/www/wordpress/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
<VirtualHost *:80>
ServerName 139.162.xx.xx #I masked the IP here
#Redirect permanent / http://www.mywebsite.com/
ServerAdmin webmaster@localhost
DocumentRoot /var/www/wordpress/
ErrorLog /var/log/apache2/wordpress/error.log
CustomLog /var/log/apache2/wordpress/access.log combined
<files xmlrpc.php>
order allow,deny
deny from all
</files>
</VirtualHost>
不应考虑来自 wordpress.com 的最后一个虚拟主机,因为 Apache 仅侦听端口 8080。 Nginx,我的前端网络服务器侦听端口 80 和 443。
更新#2
mywebsite.conf(Nginx 配置文件)
server {
listen 443;
server_name www.mywebsite.com;
port_in_redirect off;
ssl on;
ssl_certificate /etc/ssl/private/mywebsite.com.chained.crt;
ssl_certificate_key /etc/ssl/private/mywebsite_com_key.txt;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!dSS;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 60m;
add_header Strict-Transport-Security "max-age=31536000";
add_header X-Content-Type-Options nosniff;
location / {
proxy_pass http://127.0.0.1:6081;
proxy_read_timeout 90;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header HTTPS "on";
}
}
server {
listen 443 ssl;
server_name mywebsite.com;
return 301 https://www.mywebsite.com$request_uri;
}
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
更新 #3
#curl -v -H 'Host: www.mywebsite.com' http://127.0.0.1:8080/
* Expire in 0 ms for 6 (transfer 0x56356f708f50)
* Trying 127.0.0.1...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x56356f708f50)
* Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)
> GET / HTTP/1.1
> Host: www.mywebsite.com
> User-Agent: curl/7.64.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Date: Wed, 24 Feb 2021 14:32:06 GMT
< Server: Apache/2.4.38 (Debian)
< X-Redirect-By: WordPress
< Location: https://www.mywebsite.com/
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
<
* Connection #0 to host 127.0.0.1 left intact
知道了。 我的 wp-config.php 有错字(是 HTTP_X_FORWRDED_HOST 而不是 HTTP_X_FORWARDED_HOST)...
/**
* * Handle SSL reverse proxy
* */
if ($_SERVER[HTTP_X_FORWARDED_PROTO] == https)
$_SERVER[HTTPS]=on;
if (isset($_SERVER[HTTP_X_FORWARDED_HOST])) {
$_SERVER[HTTP_HOST] = $_SERVER[HTTP_X_FORWARDED_HOST];
}