我很困。将不胜感激一些帮助。
AWS EC2 Ubuntu 上的两个网站(wordpress 和另一个 php 工具)
18.04 实例运行 LAMP 堆栈。
我的目的是实现:
http://www.example.com
http://example.com
https://www.example.com
至:
https://example.com
.和
http://app.example.com
至:
https://app.example.com
.我已经配置了虚拟主机并按预期工作,然后我通过letsencrypt创建了https证书,该证书设置了HTTP到HTTPS的重定向......但是......出了点问题:
HTTP全部重定向到HTTPS。
https://app.example.com
解析到预期的网站 - website1。https://example.com
不解析到 website2 - 它解析到 website1 - 注意它没有重定向到 app.但在 https://example.com
上显示 website1 .我有两个虚拟主机配置文件,每个站点一个。两者都包含每个站点 80 和 443 配置,它们在下面。
SSL 证书的通用名称为 example.com,并列出了
app.example.com
的替代名称, www.example.com
和 example.com
.DNS 有 example.com
A
到服务器 IP,www.
和 app.
是 CNAME
至example.com
.app.example.com.conf - 网站 1
<VirtualHost *:80>
ServerAdmin jimmy@example.com
DocumentRoot /var/www/website1/
ServerName example.com
ServerAlias app.example.com
<Directory /var/www/website1/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =app.example.com [OR]
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jimmy@example.com
DocumentRoot /var/www/website1
ServerName example.com
ServerAlias app.example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website1/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
example.com.conf - 网站 2
<VirtualHost *:80>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:80>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.example.com [OR]
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
我非常感谢任何帮助、建议和任何其他想法!
最佳答案
https://example.com
doesn't resolve to website2 - it resolves to website1 - note it's not redirecting to app. but showing website1 onhttps://example.com
是的,因为您所有的虚拟主机都定义了
example.com
作为 ServerName
我希望 website1 首先出现在配置中。对于 app.example.com.conf (网站1)你应该设置
ServerName app.example.com
并删除 ServerAlias
完全针对 vhost:80 和 vhost:443 容器的指令。vhost:80 容器中的 HTTP 到 HTTPS 重定向:
RewriteEngine on RewriteCond %{SERVER_NAME} =app.example.com [OR] RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
可以简化为单个 mod_alias
Redirect
指示:Redirect 301 / https://app.example.com/
对于 example.com.conf (网站 2)您复制了 vhost:80 和 vhost:443 容器并定义了相同的
ServerName example.com
在每个 - 这是一个错误。完全有可能拥有 4 个这样的容器(并使用 mod_alias Redirect
指令),但您需要唯一的 ServerName
每个 vHost 的指令并减少重复。从您的角度来看,最简单的方法可能只是删除第二个(重复的) vhost:80 和 vhost:443 容器,并在保留的 vhost:80 和 vhost:443 容器中设置以下内容。
ServerName example.com
ServerAlias www.example.com
I then created the https cert through letsencrypt which setup the HTTP to HTTPS redirects
使用 LetsEncrypt 创建 SSL 证书不应该“设置 HTTP 到 HTTPS 重定向”?
关于Apache 虚拟主机根、www 和子域设置,包括 http 到 https,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59849656/