Magento无法访问扩展名 - >重定向到管理员登录

Question

我用Nginx，Php-Fpm和APC设置了我的新服务器。另外我正在使用外部清漆缓存和MySQL数据库。

因为我正在使用该设置，所以我的一个扩展停止工作。如果我尝试在后端访问它，Magento会将我注销并将其重定向到magento管理员登录名。

这里是我的Nginx的conf：

1）nginx.conf

user    nginx; 
worker_processes 1; 
error_log   /var/log/nginx/error.log; 
pid    /var/run/nginx.pid; 

events { 
    worker_connections 1024; 
} 

http { 
    include  /etc/nginx/mime.types; 
    default_type application/octet-stream; 

    log_format main '$remote_addr - $remote_user [$time_local] "$request "' 
         '$status $body_bytes_sent "$http_referer" ' 
         '"$http_user_agent" "$http_x_forwarded_for"'; 

    access_log /var/log/nginx/access.log main; 

    sendfile  on; 
    autoindex off; 
    map $scheme $fastcgi_https { ## Detect when HTTPS is used 
     default off; 
     https on; 
    } 

    keepalive_timeout 10; 


    gzip on; 
    gzip_comp_level 2; 
    gzip_proxied any; 
    gzip_types  text/plain text/html text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript; 

    # Load config files from the /etc/nginx/conf.d directory 
    include /etc/nginx/conf.d/*.conf; 

2）domain.conf

server { 
    listen 8080; 
    server_name domain.de; 
    rewrite/$scheme://www.$host$request_uri permanent; ## Forcibly prepend a www 
} 

server { 
    listen 8080 default; 
# SSL directives might go here 
    server_name www.domain.de *.domain.de; ## Domain is here twice so server_name_in_redirect will favour the www 
    root /var/www/html; 

    location/{ 
     index index.html index.php; ## Allow a static html file to be shown first 
     try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler 
     expires 30d; ## Assume all files are cachable 
    } 

    ## These locations would be hidden by .htaccess normally 
    # location ^~ /app/    { deny all; } 
    # location ^~ /includes/   { deny all; } 
    # location ^~ /lib/    { deny all; } 
    # location ^~ /media/downloadable/ { deny all; } 
    # location ^~ /pkginfo/   { deny all; } 
    # location ^~ /report/config.xml { deny all; } 
    # location ^~ /var/    { deny all; } 

    location /var/export/ { ## Allow admins only to view export folder 
     auth_basic   "Restricted"; ## Message shown in login window 
     auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword 
     autoindex   on; 
    } 

    location /. { ## Disable .htaccess and other hidden files 
     return 404; 
    } 

    location @handler { ## Magento uses a common front handler 
     rewrite//index.php; 
    } 

    location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler 
     rewrite ^(.*.php)/ $1 last; 
    } 
location ~ .php$ { ## Execute PHP scripts 
     if (!-e $request_filename) { rewrite//index.php last; } ## Catch 404s that try_files miss 

     expires  off; ## Do not cache dynamic content 
     fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; 
     fastcgi_param HTTPS $fastcgi_https; 
     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 
     fastcgi_param MAGE_RUN_CODE default; 
     fastcgi_param MAGE_RUN_TYPE store; 
     include  fastcgi_params; ## See /etc/nginx/fastcgi_params 
    } 
} 

nginx的错误日志告诉我：

2013/05/27 21:07:01 [error] 18489＃0：* 4规则禁止访问，客户端：54.xxx.x.xx，服务器：www.domain.de，请求：“POST/app/etc /local.xml HTTP/1.1“，主机：”www.domain.de“

对我来说，我限制了某处的访问。我已经改变了这一点：

## These locations would be hidden by .htaccess normally 
    # location ^~ /app/    { deny all; } 
    # location ^~ /includes/   { deny all; } 
    # location ^~ /lib/    { deny all; } 
    # location ^~ /media/downloadable/ { deny all; } 
    # location ^~ /pkginfo/   { deny all; } 
    # location ^~ /report/config.xml { deny all; } 
    # location ^~ /var/    { deny all; } 

我打破了我的头。有人给我一个小费在哪里看？

在此先感谢！

编辑1：

在我看来，有一个混淆的地方。如果我删除了listen：8080;有用！ Varnish Server（on：80）每两次尝试输入一个错误消息（设置为ELB - Varnish - Nginx，通常），但基本上我可以访问扩展。清漆可能以某种方式重定向它吗？

这是default.vcl

# 
backend default { 
    .host = "xx.xxx.xxx.xx"; 
    .port = "8080"; # We will then configure apache to listen to port 8080 
} 

acl trusted { 
    "127.0.0.1"; 
    "127.0.1.1"; 
    "xx.xxx.xxx.xx"; 
    # Add other ips that are allowed to purge cache 
} 

# 
# http://www.varnish-cache.org/docs/2.1/tutorial/vcl.html#vcl-recv 
# @param req Request object 
sub vcl_recv { 
    if (req.http.x-forwarded-for) { 
     set req.http.X-Forwarded-For = req.http.X-Forwarded-For+","+client.ip; 
    } 
    else { 
     set req.http.X-Forwarded-For = client.ip; 
    } 

    if (req.request == "PURGE") { 
     # Allow requests from trusted IPs to purge the cache 
     if (!client.ip ~ trusted) { 
      error 405 "Not allowed."; 
     } 
     ban("req.url ~ " + req.url); 
     error 200 "Ok"; #We don't go to backend 
     #return(lookup); # @see vcl_hit 
    } 

    if (req.request != "GET" && 
     req.request != "HEAD" && 
     req.request != "PUT" && 
     req.request != "POST" && 
     req.request != "TRACE" && 
     req.request != "OPTIONS" && 
     req.request != "DELETE") { 
     /* Non-RFC2616 or CONNECT which is weird. */ 
     return (pipe); 
    } 

    # Cache only GET or HEAD requests 
    if (req.request != "GET" && req.request != "HEAD") { 
     /* We only deal with GET and HEAD by default */ 
     return (pass); 
    } 

    # parse accept encoding rulesets to normalize 
if (req.http.Accept-Encoding) { 
     if (req.http.Accept-Encoding ~ "gzip") { 
      set req.http.Accept-Encoding = "gzip"; 
     } elsif (req.http.Accept-Encoding ~ "deflate") { 
      set req.http.Accept-Encoding = "deflate"; 
     } else { 
      # unkown algorithm 
      remove req.http.Accept-Encoding; 
     } 
    } 

    # Rules for static files 
    if (req.url ~ "\.(jpeg|jpg|png|gif|ico|swf|js|css|gz|rar|txt|bzip|pdf)(\?.*|)$") { 
     set req.http.staticmarker = "1"; 
     unset req.http.Cookie; 

     return (lookup); 
    } 

    # Don't cache pages for Magento Admin 
    # change this rule if you use custom url in admin 
    if (req.url ~ "^/(index.php/)?admin") { 
     return(pass); 
    } 

    # Don't cache checkout/customer pages, product compare 
    if (req.url ~ "^/(index.php/)?(checkout|customer|catalog/product_compare|wishlist)") { 
     return(pass); 
    } 

    # Don't cache till session end 
    if (req.http.cookie ~ "nocache_stable") { 
     return(pass); 
    } 

    # Unique identifier witch tell Varnish use cache or not 
    if (req.http.cookie ~ "nocache") { 
     return(pass); 
    } 

    # Remove cookie 
    unset req.http.Cookie; 
    set req.http.magicmarker = "1"; #Instruct varnish to remove cache headers received from backend 
    return(lookup); 
} 

sub vcl_pipe { 
#  # Note that only the first request to the backend will have 
#  # X-Forwarded-For set. If you use X-Forwarded-For and want to 
#  # have it set for all requests, make sure to have: 
#  # set req.http.connection = "close"; 
#  # here. It is not set by default as it might break some broken web 
#  # applications, like IIS with NTLM authentication. 
    return (pipe); 
} 

#sub vcl_pass { 
#  return (pass); 
#} 

#sub vcl_hash { 
#  set req.hash += req.url; 
#  if (req.http.host) { 
#   set req.hash += req.http.host; 
#  } else { 
#   set req.hash += server.ip; 
#  } 
#  return (hash); 
# } 

# Called after a cache lookup if the req. document was found in the cache. 
sub vcl_hit { 
    if (req.request == "PURGE") { 
     ban_url(req.url); 
     error 200 "Purged"; 
    } 

    if (!(obj.ttl > 0s)) { 
     return (pass); 
    } 
    return (deliver); 
} 

# Called after a cache lookup and odc was not found in cache. 
sub vcl_miss { 
    if (req.request == "PURGE"){ 
     error 200 "Not in cache"; 
    } 
    return (fetch); 
} 

# Called after document was retreived from backend 
# @var req  Request object. 
# @var beresp Backend response (contains HTTP headers from backend) 
sub vcl_fetch { 
    set req.grace = 30s; 

    # Current response should not be cached 
    if(beresp.http.Set-Cookie ~ "nocache=1") { 
     return (deliver); 
    } 

    # Flag set when we want to delete cache headers received from backend 
    if (req.http.magicmarker){ 
     unset beresp.http.magicmarker; 
     unset beresp.http.Cache-Control; 
     unset beresp.http.Expires; 
     unset beresp.http.Pragma; 
     unset beresp.http.Cache; 
     unset beresp.http.Server; 
     unset beresp.http.Set-Cookie; 
     unset beresp.http.Age; 

     # default ttl for pages 
     set beresp.ttl = 1d; 
    } 
    if (req.http.staticmarker) { 
     set beresp.ttl = 30d; # static file cache expires in 30 days 
     unset beresp.http.staticmarker; 
     unset beresp.http.ETag; # Removes Etag in case we have multiple frontends 
    } 

    return (deliver); 
} 

# Called after a cached document is delivered to the client. 
sub vcl_deliver { 
    if (obj.hits > 0) { 
     set resp.http.X-Cache = "HIT ("+obj.hits+")"; 
    } else { 
     set resp.http.X-Cache = "MISS"; 
     # set resp.http.X-Cache-Hash = obj.http.hash; 
    } 
    return (deliver); 
} 

Answer 1

是确实清漆default.vcl文件所做的错误！我不能确切地说这是错的，但我用提供的一个交换了它。

# default backend definition. Set this to point to your content server. 
backend default { 
    .host = "127.0.0.1"; 
    .port = "8080"; 
} 

# admin backend with longer timeout values. Set this to the same IP & port as your default server. 
backend admin { 
    .host = "127.0.0.1"; 
    .port = "8080"; 
    .first_byte_timeout = 18000s; 
    .between_bytes_timeout = 18000s; 
} 

# add your Magento server IP to allow purges from the backend 
acl purge { 
    "localhost"; 
    "127.0.0.1"; 
} 

import std; 

sub vcl_recv { 
    if (req.restarts == 0) { 
     if (req.http.x-forwarded-for) { 
      set req.http.X-Forwarded-For = 
      req.http.X-Forwarded-For + ", " + client.ip; 
     } else { 
      set req.http.X-Forwarded-For = client.ip; 
     } 
    } 

    if (req.request != "GET" && 
     req.request != "HEAD" && 
     req.request != "PUT" && 
     req.request != "POST" && 
     req.request != "TRACE" && 
     req.request != "OPTIONS" && 
     req.request != "DELETE" && 
     req.request != "PURGE") { 
     /* Non-RFC2616 or CONNECT which is weird. */ 
     return (pipe); 
    } 

    # purge request 
    if (req.request == "PURGE") { 
     if (!client.ip ~ purge) { 
      error 405 "Not allowed."; 
     } 
     ban("obj.http.X-Purge-Host ~ " + req.http.X-Purge-Host + " && obj.http.X-Purge-URL ~ " + req.http.X-Purge-Regex + " && obj.http.Content-Type ~ " + req.http.X-Purge-Content-Type); 
     error 200 "Purged."; 
    } 

    # switch to admin backend configuration 
    if (req.http.cookie ~ "adminhtml=") { 
     set req.backend = admin; 
    } 

    # we only deal with GET and HEAD by default 
    if (req.request != "GET" && req.request != "HEAD") { 
     return (pass); 
    } 

    # normalize url in case of leading HTTP scheme and domain 
    set req.url = regsub(req.url, "^http[s]?://[^/]+", ""); 

    # collect all cookies 
    std.collect(req.http.Cookie); 

    # static files are always cacheable. remove SSL flag and cookie 
    if (req.url ~ "^/(media|js|skin)/.*\.(png|jpg|jpeg|gif|css|js|swf|ico)$") { 
     unset req.http.Https; 
     unset req.http.Cookie; 
    } 

    # not cacheable by default 
    if (req.http.Authorization || req.http.Https) { 
     return (pass); 
    } 

    # do not cache any page from index files 
    if (req.url ~ "^/(index)") { 
     return (pass); 
    } 

    # as soon as we have a NO_CACHE cookie pass request 
    if (req.http.cookie ~ "NO_CACHE=") { 
     return (pass); 
    } 

    # remove Google gclid parameters 
    set req.url = regsuball(req.url,"\?gclid=[^&]+$",""); # strips when QS = "?gclid=AAA" 
    set req.url = regsuball(req.url,"\?gclid=[^&]+&","?"); # strips when QS = "?gclid=AAA&foo=bar" 
    set req.url = regsuball(req.url,"&gclid=[^&]+",""); # strips when QS = "?foo=bar&gclid=AAA" or QS = "?foo=bar&gclid=AAA&bar=baz" 

    return (lookup); 
} 

# sub vcl_pipe { 
#  # Note that only the first request to the backend will have 
#  # X-Forwarded-For set. If you use X-Forwarded-For and want to 
#  # have it set for all requests, make sure to have: 
#  # set bereq.http.connection = "close"; 
#  # here. It is not set by default as it might break some broken web 
#  # applications, like IIS with NTLM authentication. 
#  return (pipe); 
# } 
# 
# sub vcl_pass { 
#  return (pass); 
# } 
# 
sub vcl_hash { 
    hash_data(req.url); 
    if (req.http.host) { 
     hash_data(req.http.host); 
    } else { 
     hash_data(server.ip); 
    } 

    if (req.http.cookie ~ "PAGECACHE_ENV=") { 
     set req.http.pageCacheEnv = regsub(
      req.http.cookie, 
      "(.*)PAGECACHE-env=([^&]*)(.*)", 
      "\2" 
     ); 
     hash_data(req.http.pageCacheEnv); 
     remove req.http.pageCacheEnv; 
    } 

    if (!(req.url ~ "^/(media|js|skin)/.*\.(png|jpg|jpeg|gif|css|js|swf|ico)$")) { 
     call design_exception; 
    } 
    return (hash); 
} 
# 
# sub vcl_hit { 
#  return (deliver); 
# } 
# 
# sub vcl_miss { 
#  return (fetch); 
# } 

sub vcl_fetch { 
    if (beresp.status == 500) { 
     set beresp.saintmode = 10s; 
     return (restart); 
    } 
    set beresp.grace = 5m; 

    # enable ESI feature if needed 
    if (beresp.http.X-Cache-DoEsi == "1") { 
     set beresp.do_esi = true; 
    } 

    # add ban-lurker tags to object 
    set beresp.http.X-Purge-URL = req.url; 
    set beresp.http.X-Purge-Host = req.http.host; 

    if (beresp.status == 200 || beresp.status == 301 || beresp.status == 404) { 
     if (beresp.http.Content-Type ~ "text/html" || beresp.http.Content-Type ~ "text/xml") { 
      if ((beresp.http.Set-Cookie ~ "NO_CACHE=") || (beresp.ttl < 1s)) { 
       set beresp.ttl = 0s; 
       return (hit_for_pass); 
      } 

      # marker for vcl_deliver to reset Age: 
      set beresp.http.magicmarker = "1"; 

      # Don't cache cookies 
      unset beresp.http.set-cookie; 
     } else { 
      # set default TTL value for static content 
      set beresp.ttl = 4h; 
     } 
     return (deliver); 
    } 

    return (hit_for_pass); 
} 

sub vcl_deliver { 
    # debug info 
    if (resp.http.X-Cache-Debug) { 
     if (obj.hits > 0) { 
      set resp.http.X-Cache = "HIT"; 
      set resp.http.X-Cache-Hits = obj.hits; 
     } else { 
      set resp.http.X-Cache = "MISS"; 
     } 
     set resp.http.X-Cache-Expires = resp.http.Expires; 
    } else { 
     # remove Varnish/proxy header 
     remove resp.http.X-Varnish; 
     remove resp.http.Via; 
     remove resp.http.Age; 
     remove resp.http.X-Purge-URL; 
     remove resp.http.X-Purge-Host; 
    } 

    if (resp.http.magicmarker) { 
     # Remove the magic marker 
     unset resp.http.magicmarker; 

     set resp.http.Cache-Control = "no-store, no-cache, must-revalidate, post-check=0, pre-check=0"; 
     set resp.http.Pragma = "no-cache"; 
     set resp.http.Expires = "Mon, 31 Mar 2008 10:00:00 GMT"; 
     set resp.http.Age = "0"; 
    } 
} 

# sub vcl_error { 
#  set obj.http.Content-Type = "text/html; charset=utf-8"; 
#  set obj.http.Retry-After = "5"; 
#  synthetic {" 
# <?xml version="1.0" encoding="utf-8"?> 
# <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
# "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
# <html> 
# <head> 
#  <title>"} + obj.status + " " + obj.response + {"</title> 
# </head> 
# <body> 
#  <h1>Error "} + obj.status + " " + obj.response + {"</h1> 
#  <p>"} + obj.response + {"</p> 
#  <h3>Guru Meditation:</h3> 
#  <p>XID: "} + req.xid + {"</p> 
#  <hr> 
#  <p>Varnish cache server</p> 
# </body> 
# </html> 
# "}; 
#  return (deliver); 
# } 
# 
# sub vcl_init { 
# return (ok); 
# } 
# 
# sub vcl_fini { 
# return (ok); 
# } 

sub design_exception { 
}