Apache2 清漆使用 mod_ssl 和 mod_proxy 导致问题
[英]Varnish with Apache2 using mod_ssl and mod_proxy causing issues
问题描述
I have installed the Varnish with Apach2 and setup that using the HTTP proxy apache module and used the headers to get the Data over HTTP and send it to HTTPS using reverse proxy. 
I have installed the Varnish with Apach2 and setup that using the HTTP proxy apache module and used the headers to get the Data over HTTP and send it to HTTPS using reverse proxy.
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:80/
ProxyPassReverse / http://127.0.0.1:80/
RequestHeader set X-Forwarded-Port “443”
RequestHeader set X-Forwarded-Proto “https
But the issue I am facing this setup is the Browser error Content is loading from HTTP over HTTPS has been blocked.但我面临此设置的问题是浏览器错误内容正在从 HTTP 加载到 HTTPS 已被阻止。
Mixed Content: The page at '' was loaded over HTTPS, but requested an insecure stylesheet ''.
Please help to understand where I am wrong and how can I make this work?请帮助了解我错在哪里以及如何使这项工作?
Thank you in Advance.先感谢您。
1 个解决方案
解决方案1
0 2022-01-27 14:18:44
There's not a whole lot of context about the setup and the configuration, but based on the information you provided I'm going to assume you're using Apache to first terminate the TLS connection and then forward that traffic to Varnish.关于设置和配置的上下文并不多,但根据您提供的信息,我假设您使用 Apache 首先终止 TLS 连接,然后将该流量转发到 Varnish。
I'm also assuming Apache is also configured as the backend in Varnish listening on a port like 8080 whereas Varnish is on 80 and the HTTPS Apache vhost is on 443.我还假设 Apache 也配置为 Varnish 的后端,在 8080 等端口上侦听,而 Varnish 在 80 上,HTTPS ZE9713AE04A02A8123D6F33DD956 上
Vary header变化 header
The one thing that might be missing in your setup is a cache variation based on the X-Forwarded-Proto header.您的设置中可能缺少的一件事是基于X-Forwarded-Proto header 的缓存变体。
I would advise you to set that cache variation using the following configuration:我建议您使用以下配置设置该缓存变体:
Header append Vary: X-Forwarded-Proto
This uses mod_headers and can either be set in your .htaccess file or your vhost configuration.这使用mod_headers并且可以在您的.htaccess文件或您的虚拟主机配置中设置。
It should allow Varnish to be aware of the variations based on the Vary: X-Forwarded-Proto header and store a version for HTTP and one for HTTPS.它应该允许 Varnish 了解基于Vary: X-Forwarded-Proto header 并存储 HTTP 的版本和 Z0E8433F9A404F1F3BA601C14B026D23 的版本。
This will prevent HTTP content being stored when HTTPS content is requested and vice versa.这将防止在请求 HTTPS 内容时存储 HTTP 内容,反之亦然。
A good way to simulate the issue模拟问题的好方法
If you want to make sure the issue behaves as I'm expecting it to, please perform a test using the following steps:如果您想确保问题的行为符合我的预期,请使用以下步骤执行测试:
- Clear your cache through
sudo varnishadm ban obj.status "!=" 0通过sudo varnishadm ban obj.status "!=" 0清除缓存 - Call the HTTP version of a page and ensure its stored in cache调用 HTTP 版本的页面并确保其存储在缓存中
- Call that same page over HTTP and check whether or not the mixed contenet errors occur通过 HTTP 调用同一页面并检查是否出现混合内容错误
Then fix the issue through the Vary: X-Forwarded-Proto header and try the testcase again.然后通过Vary: X-Forwarded-Proto header 修复问题并再次尝试测试用例。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.