我很困。将不胜感激一些帮助。
AWS EC2 Ubuntu 上的两个网站(wordpress 和另一个 php 工具)
18.04 实例运行 LAMP 堆栈。
我的目的是实现:
http://www.example.com http://example.com https://www.example.com 至:
https://example.com .和
http://app.example.com 至:
https://app.example.com .我已经配置了虚拟主机并按预期工作,然后我通过letsencrypt创建了https证书,该证书设置了HTTP到HTTPS的重定向......但是......出了点问题:
HTTP全部重定向到HTTPS。
https://app.example.com解析到预期的网站 - website1。https://example.com不解析到 website2 - 它解析到 website1 - 注意它没有重定向到 app.但在 https://example.com 上显示 website1 .我有两个虚拟主机配置文件,每个站点一个。两者都包含每个站点 80 和 443 配置,它们在下面。
SSL 证书的通用名称为 example.com,并列出了
app.example.com 的替代名称, www.example.com和 example.com .DNS 有 example.com
A到服务器 IP,www.和 app.是 CNAME至example.com .app.example.com.conf - 网站 1
<VirtualHost *:80>
ServerAdmin jimmy@example.com
DocumentRoot /var/www/website1/
ServerName example.com
ServerAlias app.example.com
<Directory /var/www/website1/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =app.example.com [OR]
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jimmy@example.com
DocumentRoot /var/www/website1
ServerName example.com
ServerAlias app.example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website1/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
example.com.conf - 网站 2
<VirtualHost *:80>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:80>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.example.com [OR]
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
我非常感谢任何帮助、建议和任何其他想法!
最佳答案
https://example.comdoesn't resolve to website2 - it resolves to website1 - note it's not redirecting to app. but showing website1 onhttps://example.com
是的,因为您所有的虚拟主机都定义了
example.com作为 ServerName我希望 website1 首先出现在配置中。对于 app.example.com.conf (网站1)你应该设置
ServerName app.example.com并删除 ServerAlias完全针对 vhost:80 和 vhost:443 容器的指令。vhost:80 容器中的 HTTP 到 HTTPS 重定向:
RewriteEngine on RewriteCond %{SERVER_NAME} =app.example.com [OR] RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
可以简化为单个 mod_alias
Redirect指示:Redirect 301 / https://app.example.com/
对于 example.com.conf (网站 2)您复制了 vhost:80 和 vhost:443 容器并定义了相同的
ServerName example.com在每个 - 这是一个错误。完全有可能拥有 4 个这样的容器(并使用 mod_alias Redirect 指令),但您需要唯一的 ServerName每个 vHost 的指令并减少重复。从您的角度来看,最简单的方法可能只是删除第二个(重复的) vhost:80 和 vhost:443 容器,并在保留的 vhost:80 和 vhost:443 容器中设置以下内容。
ServerName example.com
ServerAlias www.example.com
I then created the https cert through letsencrypt which setup the HTTP to HTTPS redirects
使用 LetsEncrypt 创建 SSL 证书不应该“设置 HTTP 到 HTTPS 重定向”?
关于Apache 虚拟主机根、www 和子域设置,包括 http 到 https,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59849656/