我想要http://www.example.com,http://example.com重定向到https://example.com。在Amazon Linux上安装https和www重定向Rails Passenger和Apache安装在Apache上
托管于https://example.com的应用程序是Rails Passenger应用程序。
我在/var/www/html/blog
有一个WordPress安装,我已使用别名/blog
到/var/www/html/blog
,这样https://example.com/blog将运行WordPress博客。眼下
:
然而,并非一切工作,因为我想
- http://www.example.com是要https://example.com,这是件好事。
- http://example.com不会去https://example.com。
- https://www.example.com不会https://example.com
- https://example.com/blog被抛出异常在控制台这样的:
Mixed Content: The page at 'https://example.com/blog/' was loaded over HTTPS, but requested an insecure script 'http://xx.xx.xxx.xxx/blog/wp-includes/js/wp-emoji-release.min.js?ver=4.6.1'. This request has been blocked; the content must be served over HTTPS. e @ (index):23
- http://example.com/blog运行正常,但我需要它重定向到https://example.com/blog **
- http://www.example.com/blog重定向到http://example.com/blog **
**要点5和6,这可能是因为我已将WordPress网址设置为http://example.com。如果我将它设置为https://example.com,我会陷入无限循环。
我可以获得关于如何修改我的apache配置的建议吗?
/etc/httpd/conf/httpd.conf
LoadModule passenger_module /usr/local/rvm/gems/ruby-2.3.3/gems/passenger-5.1.0/buildout/apache2/mod_passenger.so
<IfModule mod_passenger.c>
PassengerRoot /usr/local/rvm/gems/ruby-2.3.3/gems/passenger-5.1.0
PassengerDefaultRuby /usr/local/rvm/gems/ruby-2.3.3/wrappers/ruby
</IfModule>
<VirtualHost *:80>
ProxyPreserveHost On
# Tell Apache and Passenger where your app's 'public' directory is
DocumentRoot /var/www/example/public
# Redirect/https://example.com
PassengerRuby /usr/local/rvm/gems/ruby-2.3.3/wrappers/ruby
PassengerFriendlyErrorpages on
# JkMount /tc* node1
# JkMount /intro* node1
# Relax Apache security settings
<Directory /var/www/example/public>
RailsEnv production
Allow from all
Options -MultiViews
# Uncomment this if you're on Apache >= 2.4:
# Require all granted
RewriteEngine On
RewriteBase/
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC] OR
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
</Directory>
<Directory /var/www/html/blog>
PassengerEnabled off
# Makes Wordpress's .htaccess file work
AllowOverride all
</Directory>
</VirtualHost>
Alias /blog /var/www/html/blog
Alias /.well-known/acme-challenge/ /var/www/example/.well-known/acme-challenge/
`
/etc/httpd/conf.d/ssl.conf
LoadModule ssl_module modules/mod_ssl.so
Listen 443
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
<VirtualHost _default_:443>
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLProxyProtocol all -SSLv3
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
# to run in dev mode
RailsEnv production
# Be sure to point to 'public'!
DocumentRoot /var/www/example/public
# define server details
ServerName example.com
#ServerAlias www.example.com
# rails needs the header for its own processing
RequestHeader set X_FORWARDED_PROTO 'https'
# this is just passing a proxy to a localhost server
# ProxyRequests Off
# ProxyPreserveHost On
# <Proxy *>
# Order deny,allow
# Allow from all
# </Proxy>
# ProxyPass/http://localhost/
# ProxyPassReverse/http://localhost/
#<Directory /var/www/html/blog>
# Options Indexes FollowSymLinks MultiViews
# AllowOverride All
# allow from all
# Require all granted
#</Directory>
</VirtualHost>
,您应该设置你的[WordPress博客正确](http://www.wpbeginner.com/ wp-tutorials/how-to-add-ssl-and-https-in-wordpress /),以便它使用HTTPs。我仍然可以在任何一天的WP堆垃圾上使用Radiant或Refinery。 – max
我认为,因为我不得不反向代理,并且还希望/博客指向WordPress安装,它不是那么简单。 WordPress提供的定制主题和插件在这些鲜为人知的引擎中并不容易获得。 –