使用Nginx作为反向代理将http路由到https
[英]Routing http to https using nginx as a reverse proxy
问题描述
I have a site which has a login page that I need to use https with. 
我有一个网站,该网站有一个登录页面,我需要使用该登录页面。 I am running the site using django on apache with an nginx front-end acting as a reverse proxy doing two things: 我正在apache上使用django运行该站点,并且nginx前端充当反向代理,可做两件事:
1) serving all the django static content 2) configured to support ssl 1)提供所有django静态内容2)配置为支持ssl
the ssl stuff is all setup and seems to be working correctly....ie i can go to both ssl的东西已经全部安装好了,似乎工作正常。
http://www.mysite.com/login http://www.mysite.com/login
and 和
https://www.mysite.com/login https://www.mysite.com/login
with no problems, and the https asks me to verify the certificate etc. 没问题,并且https要求我验证证书等。
my problem is i am trying to set nginx up so that its not possible to enter a password in a login page that is not https. 我的问题是我正在尝试设置nginx,以便无法在非https的登录页面中输入密码。 i cannot get it to do this re-direct. 我不能让它这样做重定向。
can someone please explain how this works 有人可以解释一下它是如何工作的吗
ssl is running on 443 and nginx is forwarding on port 80 ssl在443上运行,nginx在端口80上转发
thanks 谢谢
2 个解决方案
解决方案1
1 2011-01-12 18:39:45
These redirects are better suited for configuration in your web app, not Nginx, because while you might hardcode redirects in Nginx, it's just easier to set them up in Python where it's directly related to your views. 这些重定向更适合在Web应用程序(而不是Nginx)中进行配置,因为虽然您可以在Nginx中对重定向进行硬编码,但在与视图直接相关的Python中进行设置更容易。
Just my opinion of course. 当然只是我的意见。
There are tons of SSL redirect middlewares on djangosnippets that will redirect a url to https. djangosnippets上有大量的SSL重定向中间件,它们会将URL重定向到https。
Here's one with a decorator so you can just do @secure on your view. 这是一个带有装饰器的装饰器,因此您可以在视图上执行@secure 。 http://djangosnippets.org/snippets/1999/ http://djangosnippets.org/snippets/1999/
I peresonally use this one modified slightly http://djangosnippets.org/snippets/880/ where I set certain url paths to be SSL in the settings.py file. 我在Person上使用了经过稍微修改的http://djangosnippets.org/snippets/880/ ,其中在settings.py文件中将某些网址路径设置为SSL。
For example, in my conf I have: SSL_URLS = ( '/cart/', '/checkout/', '/accounts/' ) 例如,在我的conf中,我有: SSL_URLS = ( '/cart/', '/checkout/', '/accounts/' )
解决方案2
1 2011-01-12 19:13:11
What about redirecting the url http://www.mysite.com/login to https ://www.mysite.com/login at the nginx proxy level, this would avoid any django machinery to be loaded, making it much faster and responsive. 在nginx代理级别将网址http://www.mysite.com/login重定向到https://www.mysite.com/login怎么样,这将避免加载任何django机制,从而使其更快,响应速度更快。 。
You could add to your nginx config 您可以添加到您的Nginx配置
location /login {
# redirect to secure page [permanent | redirect]
rewrite ^/login(.*) https://www.mysite.com/login permanent;
}
basicly redirect any /login to its https conterpart. 基本上将任何/ login重定向到其https conterpart。
hope it helps. 希望能帮助到你。
UPDATE 更新
make sure you listen to port 443 确保您监听端口443
server {
listen yourIP:80;
server_name yourdomain.com;
# redirect /login to the https page
location /login {
# redirect to secure page [permanent | redirect]
rewrite ^/login(.*) https://www.mysite.com/login permanent;
}
}
#the HTTPS section listening to port 443
server {
listen yourIP:443;
server_name yourdomain.com;
location / {
#your proxy code or root setting
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.