1. 首页
  2. 问答
  3. Nginx 1.10和WordPress 3.6.1永久链接问题

Nginx 1.10和WordPress 3.6.1永久链接问题

2016-11-17 41 views
0

我在使用nginx的时候遇到了WordPress的固定链接问题。 我试图加入我的nginx的配置文件中的以下行,但我仍然是无法获得这些固定链接工作:Nginx 1.10和WordPress 3.6.1永久链接问题

location/{ 
try_files $uri $uri/ /en/index.php?$args; 
}

我得到404错误,当我能够在WordPress控制面板固定链接。

这里是我的nginx conf文件,如果这可以帮助调查这个问题,因为我已经尝试了网络上的几乎所有东西。我想在我的配置东西是搞乱:

server { 

     server_name blog.domain.com www.blog.domain.com; 

     listen 161.122.20.14; 

     return 301 https://$server_name$request_uri; 
       ssl_certificate /home/domain/domains/blog.domain.com/ssl.cert; 
       ssl_certificate_key /home/domain/domains/blog.domain.com/ssl.key; 
     } 

     server { 
       server_name blog.domain.com www.blog.domain.com; 

       listen 161.122.20.14:443 ssl http2; 

       root /home/domain/domains/blog.domain.com/public_html; 

       index index.html index.htm index.php; 

       access_log /var/log/virtualmin/blog.domain.com_access_log; 
       error_log /var/log/virtualmin/blog.domain.com_error_log; 

     fastcgi_param GATEWAY_INTERFACE CGI/1.1; 
       fastcgi_param SERVER_SOFTWARE nginx; 
       fastcgi_param QUERY_STRING $query_string; 
       fastcgi_param REQUEST_METHOD $request_method; 
       fastcgi_param CONTENT_TYPE $content_type; 
       fastcgi_param CONTENT_LENGTH $content_length; 
       fastcgi_param SCRIPT_FILENAME /home/domain/domains/blog.domain.com/public_html$fastcgi_script_name; 
       fastcgi_param SCRIPT_NAME $fastcgi_script_name; 
       fastcgi_param REQUEST_URI $request_uri; 
       fastcgi_param DOCUMENT_URI $document_uri; 
       fastcgi_param DOCUMENT_ROOT /home/domain/domains/blog.domain.com/public_html; 
       fastcgi_param SERVER_PROTOCOL $server_protocol; 
       fastcgi_param REMOTE_ADDR $remote_addr; 
       fastcgi_param REMOTE_PORT $remote_port; 
       fastcgi_param SERVER_ADDR $server_addr; 
       fastcgi_param SERVER_PORT $server_port; 
       fastcgi_param SERVER_NAME $server_name; 
       fastcgi_param HTTPS $https; 

       location ~ \.php$ { 
         try_files $uri =404; 
         fastcgi_pass unix:/var/php-nginx/14765596504348.sock/socket; 
       } 

       location = /favicon.ico { 
       log_not_found off; 
       access_log off; 
       } 

       location = /robots.txt { 
       allow all; 
       log_not_found off; 
       access_log off; 
       } 

     location ~* .(js|css|png|jpg|jpeg|gif|ico)$ { 
       access_log  off; 
       log_not_found  off; 
       expires 365d; 
       } 

       location ~* /(?:uploads|files)/.*\.php$ { 
       deny all; 
       } 

       location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ { 
       return 444; 
       } 

       location ~* \.(pl|cgi|py|sh|lua)\$ { 
       return 444; 
       } 

       location ~ /(\.|wp-config\.php|readme\.html|license\.txt) { deny all; } 

     ssl_certificate /home/domain/domains/blog.domain.com/ssl.cert; 
       ssl_certificate_key /home/domain/domains/blog.domain.com/ssl.key; 
       ssl_trusted_certificate /home/domain/domains/blog.domain.com/ssl.ca; 
       ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
       ssl_prefer_server_ciphers on; 
       ssl_dhparam /etc/nginx/dhparam.pem; 
       ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; 

       add_header Accept-Ranges bytes; 
       add_header X-Frame-Options "SAMEORIGIN" always; 
       add_header X-Content-Type-Options "nosniff" always; 
       add_header X-XSS-Protection "1; mode=block" always; 
       add_header Strict-Transport-Security "max-age=15768000" always; 
       add_header Public-Key-Pins 'pin-sha256="Niasdcu1LQAzCK234v6aJLcwJFCcWATc4asdIBhio7XpIQ="; pin-sha256="75h33riR+PAtOJcVKNfn2y1/N1ARLqJ213YDX5bnAi1Q="; max-age=2592000;'; 
     }

来源

2016-11-17 Ivanovich

回答

3

让我们来看看您重定向服务器块......由于的WordPress是不会允许或类似您同时使用www和根域的事实网站的网址,你必须选择一个。让我们假设你不想www和要使用的域本身,你第一重定向服务器块应该是这样的:

server { 
    listen 161.122.20.14; 
    server_name blog.domain.com www.blog.domain.com; 
    return 301 https://blog.domain.com$request_uri; 
}

这将有效地听上给定的IP,端口80用于两个博客.domain.com和www.blog.domain.com将它们重定向到https://blog.domain.com

现在为什么我说第一个?因为您可能希望让另一个重定向服务器块在www域捕获所有https。在这种情况下,您需要确保您的服务器块具有有效的ssl配置集。如果没有更多的调查和采取只弗朗你的配置,你的SSL重定向应该是这样的:

server { 
    listen 161.122.20.14:443 ssl http2; 
    server_name www.blog.domain.com; 

    ssl_certificate /home/domain/domains/blog.domain.com/ssl.cert; 
    ssl_certificate_key /home/domain/domains/blog.domain.com/ssl.key; 
    ssl_trusted_certificate /home/domain/domains/blog.domain.com/ssl.ca; 

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
    ssl_prefer_server_ciphers on; 
    ssl_dhparam /etc/nginx/dhparam.pem; 
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; 

    return 301 https://blog.domain.com$request_uri; 
}

现在我们确信,所有的请求要么blog.domain.com或www.blog.domain.com是被作为迄今为止所采取小心,重定向,无论端口80和443上,我们的主要服务块看起来像这样:这里

server { 
    listen 161.122.20.14:443 ssl http2 deferred; 
    server_name blog.domain.com; 

    root /home/domain/domains/blog.domain.com/public_html; 
    index index.html index.htm index.php; 

    access_log /var/log/virtualmin/blog.domain.com_access_log; 
    error_log /var/log/virtualmin/blog.domain.com_error_log; 

    ssl_certificate /home/domain/domains/blog.domain.com/ssl.cert; 
    ssl_certificate_key /home/domain/domains/blog.domain.com/ssl.key; 
    ssl_trusted_certificate /home/domain/domains/blog.domain.com/ssl.ca; 
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
    ssl_prefer_server_ciphers on; 
    ssl_dhparam /etc/nginx/dhparam.pem; 
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; 

    add_header Accept-Ranges bytes; 
    add_header X-Frame-Options "SAMEORIGIN" always; 
    add_header X-Content-Type-Options "nosniff" always; 
    add_header X-XSS-Protection "1; mode=block" always; 
    add_header Strict-Transport-Security "max-age=15768000" always; 
    add_header Public-Key-Pins 'pin-sha256="Niasdcu1LQAzCK234v6aJLcwJFCcWATc4asdIBhio7XpIQ="; pin-sha256="75h33riR+PAtOJcVKNfn2y1/N1ARLqJ213YDX5bnAi1Q="; max-age=2592000;'; 

    location = /favicon.ico { 
     log_not_found off; 
     access_log off; 
    } 

    location = /robots.txt { 
     allow all; 
     log_not_found off; 
     access_log off; 
    } 

    location ~* .(js|css|png|jpg|jpeg|gif|ico)$ { 
     access_log  off; 
     log_not_found  off; 
     expires 365d; 
    } 

    location ~* /(?:uploads|files)/.*\.php$ { 
     deny all; 
    } 

    location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ { 
     return 444; 
    } 

    location ~* \.(pl|cgi|py|sh|lua)\$ { 
     return 444; 
    } 

    location ~ /(\.|wp-config\.php|readme\.html|license\.txt) { deny all; } 

    location/{ 
     try_files $uri $uri/ /index.php?q=$uri&$args; 
    } 

    location ~ [^/]\.php(/|$) { 
     fastcgi_split_path_info ^(.+?\.php)(/.*)$; 
     if (!-f $document_root$fastcgi_script_name) { 
      return 404; 
     } 
     include fastcgi_params; 
     fastcgi_index index.php; 
     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 
     fastcgi_pass unix:/var/php-nginx/14765596504348.sock/socket; 
    } 
}

关键是你try_files并添加包含默认动作/位置块。您还应该保存该php位置块并将其用于将来的配置......另一个只是,如何说,不安全。实际上,这实际上可以让你使用永久链接WordPress

location/{ 
     try_files $uri $uri/ /index.php?q=$uri&$args; 
    } 

    location ~ [^/]\.php(/|$) { 
     fastcgi_split_path_info ^(.+?\.php)(/.*)$; 
     if (!-f $document_root$fastcgi_script_name) { 
      return 404; 
     } 
     include fastcgi_params; 
     fastcgi_index index.php; 
     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 
     fastcgi_pass unix:/var/php-nginx/14765596504348.sock/socket; 
    }

我也想知道你把想法放在你的配置中的所有fastcgi参数..你从哪里得到这样的信息?

请注意,我已复制/粘贴您发布的内容,而不检查是否全部有效。

来源

2016-11-17 08:21:24 OldFart

相关问题

 相关问题