[英]Varnish with Apache2 using mod_ssl and mod_proxy causing issues
I have installed the Varnish with Apach2 and setup that using the HTTP proxy apache module and used the headers to get the Data over HTTP and send it to HTTPS using reverse proxy. I have installed the Varnish with Apach2 and setup that using the HTTP proxy apache module and used the headers to get the Data over HTTP and send it to HTTPS using reverse proxy.
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:80/
ProxyPassReverse / http://127.0.0.1:80/
RequestHeader set X-Forwarded-Port “443”
RequestHeader set X-Forwarded-Proto “https
But the issue I am facing this setup is the Browser error Content is loading from HTTP over HTTPS has been blocked.但我面临此设置的问题是浏览器错误内容正在从 HTTP 加载到 HTTPS 已被阻止。
Mixed Content: The page at '' was loaded over HTTPS, but requested an insecure stylesheet ''.混合内容:“”处的页面已通过 HTTPS 加载,但请求了不安全的样式表“”。 This request has been blocked;此请求已被阻止; the content must be served over HTTPS.内容必须通过 HTTPS 提供。
Please help to understand where I am wrong and how can I make this work?请帮助了解我错在哪里以及如何使这项工作?
Thank you in Advance.先感谢您。
There's not a whole lot of context about the setup and the configuration, but based on the information you provided I'm going to assume you're using Apache to first terminate the TLS connection and then forward that traffic to Varnish.关于设置和配置的上下文并不多,但根据您提供的信息,我假设您使用 Apache 首先终止 TLS 连接,然后将该流量转发到 Varnish。
I'm also assuming Apache is also configured as the backend in Varnish listening on a port like 8080 whereas Varnish is on 80 and the HTTPS Apache vhost is on 443.我还假设 Apache 也配置为 Varnish 的后端,在 8080 等端口上侦听,而 Varnish 在 80 上,HTTPS ZE9713AE04A02A8123D6F33DD956 上
The one thing that might be missing in your setup is a cache variation based on the X-Forwarded-Proto
header.您的设置中可能缺少的一件事是基于X-Forwarded-Proto
header 的缓存变体。
I would advise you to set that cache variation using the following configuration:我建议您使用以下配置设置该缓存变体:
Header append Vary: X-Forwarded-Proto
This uses mod_headers
and can either be set in your .htaccess
file or your vhost configuration.这使用mod_headers
并且可以在您的.htaccess
文件或您的虚拟主机配置中设置。
It should allow Varnish to be aware of the variations based on the Vary: X-Forwarded-Proto
header and store a version for HTTP and one for HTTPS.它应该允许 Varnish 了解基于Vary: X-Forwarded-Proto
header 并存储 HTTP 的版本和 Z0E8433F9A404F1F3BA601C14B026D23 的版本。
This will prevent HTTP content being stored when HTTPS content is requested and vice versa.这将防止在请求 HTTPS 内容时存储 HTTP 内容,反之亦然。
If you want to make sure the issue behaves as I'm expecting it to, please perform a test using the following steps:如果您想确保问题的行为符合我的预期,请使用以下步骤执行测试:
sudo varnishadm ban obj.status "!=" 0
通过sudo varnishadm ban obj.status "!=" 0
清除缓存Then fix the issue through the Vary: X-Forwarded-Proto
header and try the testcase again.然后通过Vary: X-Forwarded-Proto
header 修复问题并再次尝试测试用例。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.