在Amazon Linux上安装https和www重定向Rails Passenger和Apache安装在Apache上

Question

我想要http://www.example.com，http://example.com重定向到https://example.com。

托管于https://example.com的应用程序是Rails Passenger应用程序。

我在/var/www/html/blog有一个WordPress安装，我已使用别名/blog到/var/www/html/blog，这样https://example.com/blog将运行WordPress博客。眼下

：

然而，并非一切工作，因为我想

1. http://www.example.com是要https://example.com，这是件好事。
2. http://example.com不会去https://example.com。
3. https://www.example.com不会https://example.com
4. https://example.com/blog被抛出异常在控制台这样的：Mixed Content: The page at 'https://example.com/blog/' was loaded over HTTPS, but requested an insecure script 'http://xx.xx.xxx.xxx/blog/wp-includes/js/wp-emoji-release.min.js?ver=4.6.1'. This request has been blocked; the content must be served over HTTPS. e @ (index):23
5. http://example.com/blog运行正常，但我需要它重定向到https://example.com/blog **
6. http://www.example.com/blog重定向到http://example.com/blog **

**要点5和6，这可能是因为我已将WordPress网址设置为http://example.com。如果我将它设置为https://example.com，我会陷入无限循环。

我可以获得关于如何修改我的apache配置的建议吗？

/etc/httpd/conf/httpd.conf

LoadModule passenger_module /usr/local/rvm/gems/ruby-2.3.3/gems/passenger-5.1.0/buildout/apache2/mod_passenger.so 
<IfModule mod_passenger.c> 
PassengerRoot /usr/local/rvm/gems/ruby-2.3.3/gems/passenger-5.1.0 
PassengerDefaultRuby /usr/local/rvm/gems/ruby-2.3.3/wrappers/ruby 
</IfModule> 

<VirtualHost *:80> 
    ProxyPreserveHost On 
    # Tell Apache and Passenger where your app's 'public' directory is 
    DocumentRoot /var/www/example/public 
    # Redirect/https://example.com 

    PassengerRuby /usr/local/rvm/gems/ruby-2.3.3/wrappers/ruby 
    PassengerFriendlyErrorpages on 

    # JkMount /tc* node1 
    # JkMount /intro* node1 

    # Relax Apache security settings 
    <Directory /var/www/example/public> 
     RailsEnv production 
     Allow from all 
     Options -MultiViews 
     # Uncomment this if you're on Apache >= 2.4: 
     # Require all granted 

     RewriteEngine On 
     RewriteBase/
     RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC] OR 
     RewriteRule ^(.*)$ https://%1/$1 [R=301,L] 
    </Directory> 

    <Directory /var/www/html/blog> 
     PassengerEnabled off 
     # Makes Wordpress's .htaccess file work 
     AllowOverride all 
    </Directory> 
</VirtualHost> 

Alias /blog /var/www/html/blog 
Alias /.well-known/acme-challenge/ /var/www/example/.well-known/acme-challenge/ 
` 

/etc/httpd/conf.d/ssl.conf

LoadModule ssl_module modules/mod_ssl.so 

Listen 443 

SSLPassPhraseDialog builtin 

SSLSessionCache   shmcb:/var/cache/mod_ssl/scache(512000) 
SSLSessionCacheTimeout 300 

SSLMutex default 

SSLRandomSeed startup file:/dev/urandom 256 
SSLRandomSeed connect builtin 

SSLCryptoDevice builtin 

<VirtualHost _default_:443> 

ErrorLog logs/ssl_error_log 
TransferLog logs/ssl_access_log 
LogLevel warn 

SSLProxyProtocol all -SSLv3 

SSLEngine on 
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem 
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem 
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem 
SSLProtocol All -SSLv2 -SSLv3 
SSLHonorCipherOrder on 
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS" 

<Files ~ "\.(cgi|shtml|phtml|php3?)$"> 
    SSLOptions +StdEnvVars 
</Files> 
<Directory "/var/www/cgi-bin"> 
    SSLOptions +StdEnvVars 
</Directory> 

SetEnvIf User-Agent ".*MSIE.*" \ 
     nokeepalive ssl-unclean-shutdown \ 
     downgrade-1.0 force-response-1.0 

CustomLog logs/ssl_request_log \ 
      "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" 

# to run in dev mode 
RailsEnv production 

# Be sure to point to 'public'! 
DocumentRoot /var/www/example/public 

# define server details 
ServerName example.com 
#ServerAlias www.example.com 

# rails needs the header for its own processing 
RequestHeader set X_FORWARDED_PROTO 'https' 

# this is just passing a proxy to a localhost server 
# ProxyRequests Off 
# ProxyPreserveHost On 
# <Proxy *> 
# Order deny,allow 
# Allow from all 
# </Proxy> 
# ProxyPass/http://localhost/ 
# ProxyPassReverse/http://localhost/ 

#<Directory /var/www/html/blog> 
# Options Indexes FollowSymLinks MultiViews 
# AllowOverride All 
# allow from all 
# Require all granted 
#</Directory> 

</VirtualHost> 

Answer 1

我得到了以下为重定向一切https://example.com工作，但我不能让HTTPS为/博客工作：

httpd.conf

LoadModule passenger_module /usr/local/rvm/gems/ruby-2.3.3/gems/passenger-5.1.0/buildout/apache2/mod_passenger.so 
<IfModule mod_passenger.c> 
PassengerRoot /usr/local/rvm/gems/ruby-2.3.3/gems/passenger-5.1.0 
PassengerDefaultRuby /usr/local/rvm/gems/ruby-2.3.3/wrappers/ruby 
</IfModule> 

<VirtualHost *:80> 
    ServerName example.com 
    ServerAlias www.example.com 
    ProxyPreserveHost On 
    # Tell Apache and Passenger where your app's 'public' directory is 
    DocumentRoot /var/www/example/public 

    PassengerRuby /usr/local/rvm/gems/ruby-2.3.3/wrappers/ruby 
    PassengerFriendlyErrorpages on 

    # Relax Apache security settings 
    <Directory /var/www/example/public> 
     RailsEnv production 
     Allow from all 
     Options -MultiViews 
     # Uncomment this if you're on Apache >= 2.4: 
     # Require all granted 

     RewriteEngine On 
     RewriteCond %{SERVER_NAME} =www.adintern.com 
     RewriteRule ^(.*)$  https://adintern.com/$1 [L,R=301] 

     RewriteCond %{HTTPS} off 
     RewriteRule (.*)   https://adintern.com/$1 

     RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC] 
     RewriteRule ^(.*)$ https://%1/$1 [R=301,L] 
    </Directory> 

    <Directory /var/www/html/blog> 
     PassengerEnabled off 
     # Makes Wordpress's .htaccess file work 
     AllowOverride all 
     Order allow,deny 
     Allow from all 
    </Directory> 
</VirtualHost> 

Alias /blog /var/www/html/blog 
Alias /.well-known/acme-challenge/ /var/www/example/.well-known/acme-challenge/ 

ssl.conf

LoadModule ssl_module modules/mod_ssl.so 

Listen 443 

SSLPassPhraseDialog builtin 

SSLSessionCache   shmcb:/var/cache/mod_ssl/scache(512000) 
SSLSessionCacheTimeout 300 

SSLMutex default 

SSLRandomSeed startup file:/dev/urandom 256 
SSLRandomSeed connect builtin 

SSLCryptoDevice builtin 

<VirtualHost _default_:443> 

ErrorLog logs/ssl_error_log 
TransferLog logs/ssl_access_log 
LogLevel warn 

SSLProxyProtocol all -SSLv3 

SSLEngine on 
SSLCertificateFile /etc/letsencrypt/live/www.example.com/cert.pem 
SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem 
SSLProtocol All -SSLv2 -SSLv3 
SSLHonorCipherOrder on 
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS" 

<Files ~ "\.(cgi|shtml|phtml|php3?)$"> 
    SSLOptions +StdEnvVars 
</Files> 
<Directory "/var/www/cgi-bin"> 
    SSLOptions +StdEnvVars 
</Directory> 

SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 

CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" 

# to run in dev mode 
RailsEnv production 

# Be sure to point to 'public'! 
DocumentRoot /var/www/example/public 

# define server details 
ServerName example.com 

# rails needs the header for its own processing 
RequestHeader set X_FORWARDED_PROTO 'https' 

# this is just passing a proxy to a localhost server 
# ProxyRequests Off 
# ProxyPreserveHost On 
# <Proxy *> 
# Order deny,allow 
# Allow from all 
# </Proxy> 
# ProxyPass/http://localhost/ 
# ProxyPassReverse/http://localhost/ 

SSLCertificateChainFile /etc/letsencrypt/live/www.example.com/chain.pem 

</VirtualHost> 

WordPress的，设置HOME和SITEURL这样：

define('WP_HOME','https://example.com/blog'); 
define('WP_SITEURL','https://example.com/blog');