[英]Traefik IngressRoute redirect doesn’t work
我在IngressRoute之后设置了默认路径和wp-*
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: external-1
namespace: marketing
spec:
entryPoints:
- web
- websecure
routes:
- match: Host(`example.com`) || Host(`www.example.com`)
kind: Rule
services:
- name: wordpress
port: 80
middlewares:
- name: https-redirect
tls:
secretName: prod-cert
和
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: wp-admin-1
namespace: marketing
spec:
entryPoints:
- web
- websecure
routes:
- match: Host(`example.com`) || Host(`www.example.com`) && PathPrefix(`/wp-login.php`,`/wp-login.php/`, `/wp-admin/`)
kind: Rule
services:
- name: wordpress
port: 80
middlewares:
- name: secured-restricted
tls:
secretName: prod-cert
中间件:
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: secured-restricted
namespace: marketing
spec:
chain:
middlewares:
- name: https-redirect
- name: permited-ips
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: https-redirect
namespace: marketing
spec:
redirectScheme:
scheme: https
permanent: true
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: permited-ips
namespace: marketing
spec:
ipWhiteList:
sourceRange:
- #.#.#.#/28
---
https://www.example.com --> 有效
https://example.com --> 被禁止
https://example.com仅在我尝试从白名单 IP (#.#.#.#/28) 访问它时有效
所以看起来 external-1 IngressRoute 没有受到攻击。
这个设置有什么问题?
以下列方式拆分规则解决了这个问题。
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: external-1
namespace: marketing
spec:
entryPoints:
- web
- websecure
routes:
- match: Host(`example.com`)
kind: Rule
services:
- name: wordpress
port: 80
- match: Host(`www.example.com`)
kind: Rule
services:
- name: wordpress
port: 80
middlewares:
- name: https-redirect
tls:
secretName: prod-cert
和
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: wp-admin-1
namespace: marketing
spec:
entryPoints:
- web
- websecure
routes:
- match: Host(`example.com`) && PathPrefix(`/wp-login.php`,`/wp-login.php/`, `/wp-admin/`)
kind: Rule
services:
- name: wordpress
port: 80
- match: Host(`www.example.com`) && PathPrefix(`/wp-login.php`,`/wp-login.php/`, `/wp-admin/`)
kind: Rule
services:
- name: wordpress
port: 80
middlewares:
- name: secured-restricted
tls:
secretName: prod-cert
您可能忘记了一个括号,您的原始配置可能只需更改为:
(Host(`example.com`) || Host(`www.example.com`)) && PathPrefix(`/wp-login.php`,`/wp-login.php/`, `/wp-admin/`)
使用kubernetes入口和重定向的traefik pathprefixstrip不起作用
[英]traefik pathprefixstrip with kubernetes ingress and redirect doesn't work
Traefik 仪表板:Ingress 和 IngressRoute,它们可以共存吗?
[英]Traefik Dashboard: Ingress and IngressRoute, can they co-exist?
Traefik 2.x IngressRoute 不适用于给定的 web 应用程序上下文根
[英]Traefik 2.x IngressRoute not working with given web application context root
用于观看特定 kubernetes 命名空间的 Traefik 配置不起作用
[英]Traefik configuration to watch a particular kubernetes namespace doesn't works
Traefik没有从Kubernetes的入口定义中选择TLS证书秘密
[英]Traefik doesn't pick TLS certificates secrets from the ingress definition in Kubernetes
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.