0

已编辑!

我在 Debian 7 上使用 Nginx、Postfix、Postfixadmin、Dovecot 和 Roundcube 设置了一个邮件服务器。

我尝试创建一个别名来使用我的域 example.org 的 SSL 证书(当然,这里的域是一个示例)用于 webmail。访问以下 URL https://example.org/support/webmail/时- Nginx 不会重定向到 index.php 文件,我收到以下消息403 Forbidden。仅当我在 URL 末尾手动添加 .php 文件时它才有效。

这是我的配置:

server {
    listen 80;
    server_name example.org;
    return 301 https://$server_name$request_uri;
}

server {
    listen 80;
    server_name www.example.org;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl;
    ssl on;

    server_name example.org;
    root /var/www/soon;

    server_tokens off;

    ssl_certificate /etc/ssl/certs/example.org.certchain.crt;
    ssl_certificate_key /etc/ssl/private/example.org.key;

    ssl_session_cache shared:SSL:20m;
    ssl_session_timeout 10m;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
    ssl_prefer_server_ciphers on;

    # HSTS
    add_header Strict-Transport-Security max-age=15768000;

    location /support/webmail/ {
        alias /var/www/webmail/;
        autoindex off;

        location ~ \.php$ {
          include       /etc/nginx/fastcgi_params;
          # include       fastcgi_params;
          fastcgi_pass  unix:/var/run/php5-fpm.sock;
          fastcgi_index index.php;
          # fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
          fastcgi_param SCRIPT_FILENAME $request_filename;
        }
    }
}

谢谢你。:)

4

2 回答 2

2

解决了。

这是适合我的配置:

server {
    listen 80;
    server_name example.org;
    return 301 https://$server_name$request_uri;
}

server {
    listen 80;
    server_name www.example.org;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl;
    ssl on;

    server_name example.org;
    root /var/www/soon;

    server_tokens off;

    ssl_certificate /etc/ssl/certs/example.org.certchain.crt;
    ssl_certificate_key /etc/ssl/private/example.org.key;

    ssl_session_cache shared:SSL:20m;
    ssl_session_timeout 10m;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
    ssl_prefer_server_ciphers on;

    # HSTS
    add_header Strict-Transport-Security max-age=15768000;

    location /support/webmail/ {
        alias /var/www/webmail/;
        autoindex off;
        index index.php;

        location ~ \.php$ {
          fastcgi_split_path_info ^(.+\.php)(/.+)$;
          include       /etc/nginx/fastcgi_params;
          fastcgi_pass  unix:/var/run/php5-fpm.sock;
          fastcgi_index index.php;
          fastcgi_param SCRIPT_FILENAME $request_filename;
        }
    }
}
于 2015-06-18T15:46:49.583 回答
0

添加

location / {
    try_files $uri $uri/ index.php;
}

部分配置不起作用,然后关闭autoindex.

于 2015-06-17T20:17:46.263 回答