完全陌生nginx,需要一些指导。我正在支持一个新站点,该企业在开发过程中命名了一个东西,然后购买了一个不同的主机名。并且css的申请被拒绝了。这是一个现场制作网站,因此可以通过@https ://mh.lhfs.com访问。测试服务器(不同的机器)和本地开发服务器工作正常,所以我假设它与服务器相关。任何帮助,将不胜感激。
这是配置文件。之前的开发者喜欢复制和粘贴。我清理了 Content-Security-Policy 部分,但没有解决问题。
server {
listen 80;
# listen [::]:80 default_server ipv6only=on;
root /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com;
index index.php index.html index.htm;
listen 443 ssl;
listen [::]:443 ssl;
server_name mh.lhfs.com;
#server_name localhost;
location / {
try_files $uri $uri/ /index.php?$args;
}
#return 301 https://$server_name$request_uri;
server_tokens off;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' 'unsafe-inline' data:; frame-src img-src 'self' font-src 'self' default-src 'self' object-src 'none' https://*.typekit.net https://mh.lhfs.com https://lhfs.com https://mortgage.lhfs.com https://cdn.lhfs.com https://lhfs.com https://lhfscdn.com https://seal-goldengate.bbb.org http://seal-goldengate.bbb.org https://*.mylivechat.com https://mylivechat.com https://code.jquery.com https://maxcdn.bootstrapcdn.com http://ajax.googleapis.com http://www.google-analytics.com http://www.google.com http://ajax.googleapis.com https://maps.googleapis.com https://ssl.google-analytics.com https://maps.googleapis.com https://fonts.googleapis.com https://themes.googleusercontent.com https://tautt.zendesk.com https://assets.zendesk.com https://connect.facebook.net https://s-static.ak.facebook.com https://www.facebook.com https://s-static.ak.facebook.com http://0.gravatar.com https://www.gstatic.com http://1.gravatat.com https://fonts.gstatic.com https://maps.gstatic.com https://csi.gstatic.com";
add_header Access-Control-Allow-Origin "*";
#try_files $uri $uri/ =404;
#try_files $uri $uri/ /index.php?$args;
access_log /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/access.log;
error_log /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/error.log;
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
root /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_read_timeout 300;
}
ssl_certificate /var/www/vhosts/system/sslcerts/cert-lhfscom/lhfs.com.chained.crt;
ssl_certificate_key /var/www/vhosts/system/sslcerts/cert-lhfscom/lhfscom_frommt.key;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /var/www/vhosts/system/sslcerts/cert-lhfscom/lhfs.com.chained.crt;
try_files $uri $uri/ /index.php?$args;
access_log /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/access.log;
error_log /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/error.log;
location ~ \.php$ {
root /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_read_timeout 300;
}
}
更新 1:
我尝试了一些我在其他帖子中看到的不同的东西,但它们没有帮助
- 我从 index.php 文件中的样式表声明中删除了 type='text/css' 但得到了相同的结果。
- 我检查了 mime.types 配置文件并定义了类型。
- 我检查了 nginx.config 并验证了 mime.types 配置被包括在内。
我可能会补充说,这不是该服务器上唯一提供这些错误的站点。他们都在某种程度上做到了。一个区别是该站点在站点路径上有 css。其他站点显示 CSS 没有问题。开发人员决定从另一个服务器 WordPress 站点引用 css 样式表。(别问!每个人,如果一个人离线,他们是否希望他们所有的网站都崩溃,不是吗?他不在的原因之一。)
更新 2:我决定注释掉 CSP 部分并重试。网站加载成功。我会暂时搁置这个问题,我会进一步调查。它似乎配置正确,但显然不是。如果您对导致该部分问题的原因有任何想法,请发布。