[英]Traefik IngressRoute redirect doesn’t work
我在IngressRoute之后設置了默認路徑和wp-*
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: external-1
namespace: marketing
spec:
entryPoints:
- web
- websecure
routes:
- match: Host(`example.com`) || Host(`www.example.com`)
kind: Rule
services:
- name: wordpress
port: 80
middlewares:
- name: https-redirect
tls:
secretName: prod-cert
和
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: wp-admin-1
namespace: marketing
spec:
entryPoints:
- web
- websecure
routes:
- match: Host(`example.com`) || Host(`www.example.com`) && PathPrefix(`/wp-login.php`,`/wp-login.php/`, `/wp-admin/`)
kind: Rule
services:
- name: wordpress
port: 80
middlewares:
- name: secured-restricted
tls:
secretName: prod-cert
中間件:
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: secured-restricted
namespace: marketing
spec:
chain:
middlewares:
- name: https-redirect
- name: permited-ips
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: https-redirect
namespace: marketing
spec:
redirectScheme:
scheme: https
permanent: true
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: permited-ips
namespace: marketing
spec:
ipWhiteList:
sourceRange:
- #.#.#.#/28
---
https://www.example.com --> 有效
https://example.com --> 被禁止
https://example.com僅在我嘗試從白名單 IP (#.#.#.#/28) 訪問它時有效
所以看起來 external-1 IngressRoute 沒有受到攻擊。
這個設置有什么問題?
以下列方式拆分規則解決了這個問題。
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: external-1
namespace: marketing
spec:
entryPoints:
- web
- websecure
routes:
- match: Host(`example.com`)
kind: Rule
services:
- name: wordpress
port: 80
- match: Host(`www.example.com`)
kind: Rule
services:
- name: wordpress
port: 80
middlewares:
- name: https-redirect
tls:
secretName: prod-cert
和
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: wp-admin-1
namespace: marketing
spec:
entryPoints:
- web
- websecure
routes:
- match: Host(`example.com`) && PathPrefix(`/wp-login.php`,`/wp-login.php/`, `/wp-admin/`)
kind: Rule
services:
- name: wordpress
port: 80
- match: Host(`www.example.com`) && PathPrefix(`/wp-login.php`,`/wp-login.php/`, `/wp-admin/`)
kind: Rule
services:
- name: wordpress
port: 80
middlewares:
- name: secured-restricted
tls:
secretName: prod-cert
您可能忘記了一個括號,您的原始配置可能只需更改為:
(Host(`example.com`) || Host(`www.example.com`)) && PathPrefix(`/wp-login.php`,`/wp-login.php/`, `/wp-admin/`)
使用kubernetes入口和重定向的traefik pathprefixstrip不起作用
[英]traefik pathprefixstrip with kubernetes ingress and redirect doesn't work
Traefik 儀表板:Ingress 和 IngressRoute,它們可以共存嗎?
[英]Traefik Dashboard: Ingress and IngressRoute, can they co-exist?
Traefik 2.x IngressRoute 不適用於給定的 web 應用程序上下文根
[英]Traefik 2.x IngressRoute not working with given web application context root
用於觀看特定 kubernetes 命名空間的 Traefik 配置不起作用
[英]Traefik configuration to watch a particular kubernetes namespace doesn't works
Traefik沒有從Kubernetes的入口定義中選擇TLS證書秘密
[英]Traefik doesn't pick TLS certificates secrets from the ingress definition in Kubernetes
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.