[英]Nginx 1.10 and WordPress 3.6.1 Permalink issue
使用nginx时,WordPress的永久链接出现问题。 我试图在我的nginx的配置文件中添加以下行,但是仍然无法使这些永久链接正常工作:
location / {
try_files $uri $uri/ /en/index.php?$args;
}
在WordPress控制面板中启用永久链接时,出现404错误。
这是我的nginx conf文件,如果这可以帮助调查问题,因为我已经在网络上尝试了几乎所有内容。 我猜我的配置有些混乱:
server {
server_name blog.domain.com www.blog.domain.com;
listen 161.122.20.14;
return 301 https://$server_name$request_uri;
ssl_certificate /home/domain/domains/blog.domain.com/ssl.cert;
ssl_certificate_key /home/domain/domains/blog.domain.com/ssl.key;
}
server {
server_name blog.domain.com www.blog.domain.com;
listen 161.122.20.14:443 ssl http2;
root /home/domain/domains/blog.domain.com/public_html;
index index.html index.htm index.php;
access_log /var/log/virtualmin/blog.domain.com_access_log;
error_log /var/log/virtualmin/blog.domain.com_error_log;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME /home/domain/domains/blog.domain.com/public_html$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT /home/domain/domains/blog.domain.com/public_html;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS $https;
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/php-nginx/14765596504348.sock/socket;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* .(js|css|png|jpg|jpeg|gif|ico)$ {
access_log off;
log_not_found off;
expires 365d;
}
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ {
return 444;
}
location ~* \.(pl|cgi|py|sh|lua)\$ {
return 444;
}
location ~ /(\.|wp-config\.php|readme\.html|license\.txt) { deny all; }
ssl_certificate /home/domain/domains/blog.domain.com/ssl.cert;
ssl_certificate_key /home/domain/domains/blog.domain.com/ssl.key;
ssl_trusted_certificate /home/domain/domains/blog.domain.com/ssl.ca;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
add_header Accept-Ranges bytes;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Strict-Transport-Security "max-age=15768000" always;
add_header Public-Key-Pins 'pin-sha256="Niasdcu1LQAzCK234v6aJLcwJFCcWATc4asdIBhio7XpIQ="; pin-sha256="75h33riR+PAtOJcVKNfn2y1/N1ARLqJ213YDX5bnAi1Q="; max-age=2592000;';
}
让我们看一下您的重定向服务器块...由于WordPress不允许或不喜欢同时使用www和根域作为网站URL,因此您必须选择一个。 假设您不希望www且想要使用域本身,则第一个重定向服务器块将如下所示:
server {
listen 161.122.20.14;
server_name blog.domain.com www.blog.domain.com;
return 301 https://blog.domain.com$request_uri;
}
这将有效侦听blog.domain.com和www.blog.domain.com的给定IP,端口80,将它们重定向到https://blog.domain.com
现在我为什么要先说? 因为您可能想要另一个重定向服务器块来捕获www域中的所有https。 在这种情况下,您需要确保服务器块具有有效的ssl配置集。 无需进行更多调查,只需从配置中获取,ssl重定向将如下所示:
server {
listen 161.122.20.14:443 ssl http2;
server_name www.blog.domain.com;
ssl_certificate /home/domain/domains/blog.domain.com/ssl.cert;
ssl_certificate_key /home/domain/domains/blog.domain.com/ssl.key;
ssl_trusted_certificate /home/domain/domains/blog.domain.com/ssl.ca;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
return 301 https://blog.domain.com$request_uri;
}
现在我们可以确定,无论重定向到端口80还是443,所有对blog.domain.com或www.blog.domain.com的请求都已得到处理,我们的主服务器块如下所示:
server {
listen 161.122.20.14:443 ssl http2 deferred;
server_name blog.domain.com;
root /home/domain/domains/blog.domain.com/public_html;
index index.html index.htm index.php;
access_log /var/log/virtualmin/blog.domain.com_access_log;
error_log /var/log/virtualmin/blog.domain.com_error_log;
ssl_certificate /home/domain/domains/blog.domain.com/ssl.cert;
ssl_certificate_key /home/domain/domains/blog.domain.com/ssl.key;
ssl_trusted_certificate /home/domain/domains/blog.domain.com/ssl.ca;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
add_header Accept-Ranges bytes;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Strict-Transport-Security "max-age=15768000" always;
add_header Public-Key-Pins 'pin-sha256="Niasdcu1LQAzCK234v6aJLcwJFCcWATc4asdIBhio7XpIQ="; pin-sha256="75h33riR+PAtOJcVKNfn2y1/N1ARLqJ213YDX5bnAi1Q="; max-age=2592000;';
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* .(js|css|png|jpg|jpeg|gif|ico)$ {
access_log off;
log_not_found off;
expires 365d;
}
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ {
return 444;
}
location ~* \.(pl|cgi|py|sh|lua)\$ {
return 444;
}
location ~ /(\.|wp-config\.php|readme\.html|license\.txt) { deny all; }
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/var/php-nginx/14765596504348.sock/socket;
}
}
此处的关键是您的try_files,并添加一个/位置块,其中包含默认操作。 您还应该保存该php位置块并将其用于将来的配置...另一个,就是说,不安全。 从本质上讲,这实际上是允许您在WordPress中使用永久链接的功能。
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/var/php-nginx/14765596504348.sock/socket;
}
我也想知道您是从哪里想到将所有fastcgi params放入配置中的。
请注意,我已经从您发布的内容中复制/粘贴了内容,而没有检查所有内容是否有效。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.