nginx 无限循环301

txjcv · 发表于 2024-4-15 13:14:13

本帖最后由 txjcv 于 2024-4-15 13:26 编辑
[ol]

server

{

listen 80;

listen [::]:80;

server_name test.com ;

index index.html index.htm index.php default.html default.htm default.php;

root /home/wwwroot/test.com;

#include rewrite/none.conf;

#error_page 404 /404.html;

# Deny access to PHP files in specific directory

#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

include enable-php.conf;

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$

{

expires 30d;

}

location ~ .*\.(js|css)?$

{

expires 12h;

}

location ~ /.well-known {

allow all;

}

location ~ /\.

{

deny all;

}

location / {

return 301 https://$host$request_uri;

}

access_log /home/wwwlogs/test.com.log;

}

server

{

listen 443 ssl http2;

listen [::]:443 ssl http2;

server_name test.com ;

index curl.html index.html index.htm index.php default.html default.htm default.php;

root /home/wwwroot/test.com;

ssl_certificate /usr/local/nginx/conf/ssl/test.com/fullchain.cer;

ssl_certificate_key /usr/local/nginx/conf/ssl/test.com/test.com.key;

ssl_session_timeout 5m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;

ssl_prefer_server_ciphers on;

ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";

ssl_session_cache builtin:1000 shared:SSL:10m;

# openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048

ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;

if ( $http_user_agent !~* curl ){

return 301 https://test.com/other/index.html;

}

include rewrite/none.conf;

#error_page 404 /404.html;

# Deny access to PHP files in specific directory

#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

include enable-php.conf;

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$

{

expires 30d;

}

location ~ .*\.(js|css)?$

{

expires 12h;

}

location ~ /.well-known {

allow all;

}

location ~ /\.

{

deny all;

}

access_log /home/wwwlogs/test.com.log;

}

[/ol]复制代码

curl -I --user-agent "Mozilla" http://test.com/other/index.html
无限循环本身

榆木 · 发表于 2024-4-15 13:15:45

带套了吧把套的回源改成 443

txjcv · 发表于 2024-4-15 13:17:37

榆木发表于 2024-4-15 13:15

带套了吧把套的回源改成 443
没有套cdn
我是这样的 curl 访问网站就让他默认访问一个 curl.html 无意的空白内容
然后非curl访问的话我就让他301到网站/other/index.html正常页面

allnetstore · 发表于 2024-4-15 13:15:00

这种事情问GPT

jqbaobao · 发表于 2024-4-15 13:17:41

请求访问80
80收到，你应该跳转443
请求访问443
443收到，回源80

重复以上操作

榆木 · 发表于 2024-4-15 13:18:26

txjcv 发表于 2024-4-15 13:17

没有套cdn
我是这样的 curl 访问网站就让他默认访问一个 curl.html 无意的空白内容
然后非curl访问的话我 ...
if ( $http_user_agent !~* curl ){

      return 301 http://test.com/other/index.html;

      }

改成 https://test.com/other/index.html

wuxudd · 发表于 2024-4-15 13:20:23

你301不写在 location下，那不等于所有非curl请求都进行一遍301啊，包括已经301跳转的请求。

txjcv · 发表于 2024-4-15 13:17:00

本帖最后由 txjcv 于 2024-4-15 13:23 编辑

榆木发表于 2024-4-15 13:20

if ( $http_user_agent !~* curl ){

return 301 http://test.com/other/index.html;

也不行，非得要再开一个子域名网站吗？或者外部域

txjcv · 发表于 2024-4-15 13:21:00

本帖最后由 txjcv 于 2024-4-15 13:27 编辑

wuxudd 发表于 2024-4-15 13:21

你301不写在 location下，那不等于所有非curl请求都进行一遍301啊，包括已经301跳转的请求。 ...

这个301是默认lnmp脚本的 http重定向到https的配置

我重新修改下[ol]

server

{

listen 80;

listen [::]:80;

server_name test.com ;

index index.html index.htm index.php default.html default.htm default.php;

root /home/wwwroot/test.com;

return 301 https://$server_name$request_uri;

#include rewrite/none.conf;

#error_page 404 /404.html;

# Deny access to PHP files in specific directory

#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

include enable-php.conf;

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$

{

expires 30d;

}

location ~ .*\.(js|css)?$

{

expires 12h;

}

location ~ /.well-known {

allow all;

}

location ~ /\.

{

deny all;

}

#location / {

# return 301 https://$host$request_uri;

#}

access_log /home/wwwlogs/test.com.log;

}

server

{

listen 443 ssl http2;

listen [::]:443 ssl http2;

server_name test.com ;

index curl.html index.html index.htm index.php default.html default.htm default.php;

root /home/wwwroot/test.com;

ssl_certificate /usr/local/nginx/conf/ssl/test.com/fullchain.cer;

ssl_certificate_key /usr/local/nginx/conf/ssl/test.com/test.com.key;

ssl_session_timeout 5m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;

ssl_prefer_server_ciphers on;

ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";

ssl_session_cache builtin:1000 shared:SSL:10m;

# openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048

ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;

if ( $http_user_agent !~* curl ){

return 301 https://test.com/other/index.html;

}

include rewrite/none.conf;

#error_page 404 /404.html;

# Deny access to PHP files in specific directory

#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

include enable-php.conf;

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$

{

expires 30d;

}

location ~ .*\.(js|css)?$

{

expires 12h;

}

location ~ /.well-known {

allow all;

}

location ~ /\.

{

deny all;

}

access_log /home/wwwlogs/test.com.log;

}

[/ol]复制代码
也是不行

wuxudd · 发表于 2024-4-15 13:21:16

txjcv 发表于 2024-4-15 13:25

这个301是默认lnmp脚本的  http重定向到https的配置
      if ( $http_user_agent !~* curl ){

      return 301 https://test.com/other/index.html;

      }

这一行，你在location下写，排除other目录。

		自动登录	找回密码
密码			立即注册