军哥,lnmp1。4,加了ssl后,magento系统做了http跳转到https,发现网站所有保存功能不能用了
军哥,lnmp1。4,加了ssl后,magento系统做了http跳转到https,发现网站所有保存功能不能用了。http如果不做跳转,http和https访问都没有问题,但是做跳转就不好用了跳转代码如下:
server
{
listen 80;
#listen [::]:80;
server_name www.test.com tset.com;
return 301 https://www.test.com$request_uri;
}
生成的session是不可写的,求解,谢谢军哥。
回复 1# 的帖子
可能magento后台 Use Secure URLs in Frontend 和 Use Secure URLs 没开启回复 2# 的帖子
Use Secure URLs in Frontend 和 Use Secure URLs,都开启了,如果http和https分别访问都没问题,就是加了那个301跳转后,就不能保存了。 这个就不打清楚了,可能保存功能页面上有http的链接回复 4# 的帖子
如果不做强制http使用https访问的跳转,分别访问http和https都没问题,实在是找不到原因了,帮看下配置文件,是不是哪里有问题magento的伪静态:
location / {
index index.html index.php; ## Allow a static html file to be shown first
try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler
expires 30d; ## Assume all files are cachable
}
## These locations would be hidden by .htaccess normally
location /app/ { deny all; }
location /includes/ { deny all; }
location /lib/ { deny all; }
location /media/downloadable/ { deny all; }
location /pkginfo/ { deny all; }
location /report/config.xml { deny all; }
location /var/ { deny all; }
location /downloader/ { deny all; }
location /var/export/ { ## Allow admins only to view export folder
auth_basic "Restricted"; ## Message shown in login window
auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
autoindex on;
}
location/. { ## Disable .htaccess and other hidden files
return 404;
}
location @handler { ## Magento uses a common front handler
rewrite / /index.php;
}
location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
rewrite ^(.*.php)/ $1 last;
}
sever的配置:
server
{
listen 80;
#listen [::]:80;
server_name www.testA.com testA.com;
return 301 https://www.testA.com$request_uri;
}
server
{
listen 443 ssl http2;
#listen [::]:443 ssl http2;
server_name www.testA.com testA.com;
index index.html index.htm index.php default.html default.htm default.php;
root/home/wwwroot/program/testA;
ssl on;
ssl_certificate /etc/letsencrypt/live/www.testA.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.testA.com/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
ssl_session_cache builtin:1000 shared:SSL:10m;
# openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;
include mg.conf;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*.php$ { deny all; }
include enable-php.conf;
location ~ [^/].php(/|$)
{
# comment try_files $uri =404; to enable pathinfo
try_files $uri =404;
fastcgi_passunix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /.
{
deny all;
}
access_log/home/wwwlogs/www.testA.com.log;
}
[ 本帖最后由 gfjustme 于 2017-6-16 11:48 编辑 ]
回复 5# 的帖子
这个和配置文件应该没关系,建议去官方论坛问一下
页:
[1]