VPS侦探论坛

标题: 军哥，lnmp1。4，加了ssl后，magento系统做了http跳转到https，发现网站所有保存功能不能用了 [打印本页]

作者: gfjustme 时间: 2017-6-15 12:19
标题: 军哥，lnmp1。4，加了ssl后，magento系统做了http跳转到https，发现网站所有保存功能不能用了
军哥，lnmp1。4，加了ssl后，magento系统做了http跳转到https，发现网站所有保存功能不能用了。http如果不做跳转，http和https访问都没有问题，但是做跳转就不好用了
跳转代码如下：
server
{
      listen 80;
      #listen [::]:80;
      server_name www.test.com tset.com;
      return 301 https://www.test.com$request_uri;
}

生成的session是不可写的，求解，谢谢军哥。

作者: licess 时间: 2017-6-15 14:06
标题: 回复 1# 的帖子
可能magento后台 Use Secure URLs in Frontend 和 Use Secure URLs 没开启

作者: gfjustme 时间: 2017-6-15 14:12
标题: 回复 2# 的帖子
Use Secure URLs in Frontend 和 Use Secure URLs，都开启了，如果http和https分别访问都没问题，就是加了那个301跳转后，就不能保存了。

作者: licess 时间: 2017-6-16 09:20
这个就不打清楚了，可能保存功能页面上有http的链接

作者: gfjustme 时间: 2017-6-16 11:47
标题: 回复 4# 的帖子
如果不做强制http使用https访问的跳转，分别访问http和https都没问题,实在是找不到原因了，帮看下配置文件，是不是哪里有问题
magento的伪静态：
location / {
      index index.html index.php; ## Allow a static html file to be shown first
      try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler
      expires 30d; ## Assume all files are cachable
}

## These locations would be hidden by .htaccess normally
location /app/             { deny all; }
location /includes/          { deny all; }
location /lib/             { deny all; }
location /media/downloadable/ { deny all; }
location /pkginfo/          { deny all; }
location /report/config.xml { deny all; }
location /var/             { deny all; }
location /downloader/       { deny all; }

location /var/export/ { ## Allow admins only to view export folder
      auth_basic          "Restricted"; ## Message shown in login window
      auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
      autoindex          on;
}
   location  /. { ## Disable .htaccess and other hidden files
      return 404;
}

location @handler { ## Magento uses a common front handler
      rewrite / /index.php;
}

location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
      rewrite ^(.*.php)/ $1 last;
}

sever的配置：
server
{
      listen 80;
      #listen [::]:80;
      server_name www.testA.com testA.com;
      return 301 https://www.testA.com$request_uri;
}

server
{
      listen 443 ssl http2;
      #listen [::]:443 ssl http2;
      server_name www.testA.com testA.com;
      index index.html index.htm index.php default.html default.htm default.php;
      root  /home/wwwroot/program/testA;
      ssl on;
      ssl_certificate /etc/letsencrypt/live/www.testA.com/fullchain.pem;
      ssl_certificate_key /etc/letsencrypt/live/www.testA.com/privkey.pem;
      ssl_session_timeout 5m;
      ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
      ssl_prefer_server_ciphers on;
      ssl_ciphers "EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
      ssl_session_cache builtin:1000 shared:SSL:10m;
      # openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
      ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;

      include mg.conf;
      #error_page 404 /404.html;

      # Deny access to PHP files in specific directory
      #location ~ /(wp-content|uploads|wp-includes|images)/.*.php$ { deny all; }

      include enable-php.conf;

      location ~ [^/].php(/|$)
      {
         # comment try_files $uri =404; to enable pathinfo
         try_files $uri =404;
         fastcgi_pass  unix:/tmp/php-cgi.sock;
         fastcgi_index index.php;
         include fastcgi.conf;
      }

      location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$
      {
         expires    30d;
      }

      location ~ .*.(js|css)?$
      {
         expires    12h;
      }

      location ~ /.well-known {
         allow all;
      }

      location ~ /.
      {
         deny all;
      }

      access_log  /home/wwwlogs/www.testA.com.log;
}

[ 本帖最后由 gfjustme 于 2017-6-16 11:48 编辑 ]

作者: licess 时间: 2017-6-16 18:15
标题: 回复 5# 的帖子
这个和配置文件应该没关系，建议去官方论坛问一下

欢迎光临 VPS侦探论坛 (https://bbs.lnmp.com/)