logo标签列表

使用Nginx配置子域名时,如何实现子域名网站与根域名网站不同的功能?

nginxsubdomain
3

我在sites-available中有以下配置(并有一个符号链接进行启用):

#subdomain site
server {
    listen 443 ssl http2;
    server_name dokuwiki.[censored].org;

    root /var/www/html/dokuwiki;
    index index.php index.html;

    include /etc/nginx/templates/ssl.tmpl;
    location / {
        try_files $uri $uri/ @dokuwiki;
    }

    location @dokuwiki {
        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
        rewrite ^/(.*) /doku.php?id=$1&$args last;
    }

    location ~ \.php$ {
        # Caution: be sure the php7.2-fpm.sock matches your version
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
    location ~ /(data|conf|bin|inc|vendor)/ {
      deny all;
    }
}

我希望将不同的站点放置在网站根目录下:
#root site
server {
    listen 80;
    server_name [censored].org;

    root /var/www/html/site;
    index index.html;
}

当前根站点只是一个虚拟的站点。当我尝试加载它时,浏览器会尝试加载子域站点,但会发出警告,因为SSL证书(已设置为子域)不匹配。

显然我做错了什么,但是是什么呢?

嗨,也许这个配置可能会引起您的兴趣 https://serverfault.com/questions/655483/nginx-ssl-certificate-served-for-all-server-name-resolving-the-server-ip - jspcal
1个回答
0

尝试将配置缩小到没有SSL的最小配置,确保首先针对2个域名正常工作:

server {
  listen 80;
  server_name example.com;
  return 200 "example.com";
}

server {
  listen 80;
  server_name 1.example.com;
  return 200 "1.example.com";
}


$ curl http://example.com/
example.com

$ curl http://1.example.com/
1.example.com

接着,将 SSL 添加到 HTTPs 端点以确保其正常工作:

server {
  listen 443 ssl http2;
  ssl_certificate     example.com.crt;
  ssl_certificate_key example.com.key;

  server_name example.com;
  return 200 "example.com";
}


$ curl https://example.com/
example.com
太棒了。这个练习揭示了我的无知,即我不知道需要明确禁止其他除我定义的子域之外的子域。把整个东西拆开让我看到了这一点。谢谢! - riserperson
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接