在负载均衡器前面使用 Nginx 作为反向代理时,我遇到了重定向循环问题。我的设置如下:
域名:aarohisilks.com DNS:Cloudflare,指向我的代理服务器 IP 的记录,SSL 模式设置为“完全严格” 代理服务器(Nginx):终止 SSL,将流量转发到端口 80 上的负载均衡器 负载均衡器(Nginx):将流量分配到后端服务器
我的代理服务器内的代理配置
/etc/nginx/sites-available/reverse-proxy.conf
# Temporary configuration for ACME challenge
server {
listen 80;
server_name ~^.*$;
location /.well-known/acme-challenge/ {
root /var/www/html;
allow all;
}
location / {
return 404;
}
}
#Redirect HTTP to HTTPS for all domains
server {
listen 80;
server_name ~^.*$;
return 301 https://$host$request_uri;
}
# SSL configuration for proxy subdomain
server {
listen 443 ssl;
server_name gateway.enlivendesigners.com;
ssl_certificate /etc/letsencrypt/live/gateway.enlivendesigners.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/gateway.enlivendesigners.com/privkey.pem;
location / {
proxy_pass http://load_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# SSL configuration for staging subdomains
server {
listen 443 ssl;
server_name staging.aarohisilks.com;
ssl_certificate /etc/letsencrypt/live/staging.aarohisilks.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/staging.aarohisilks.com/privkey.pem;
location / {
proxy_pass http://staging_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# SSL configuration for production subdomains
server {
listen 443 ssl;
server_name aarohisilks.com;
ssl_certificate /etc/letsencrypt/live/aarohisilks.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/aarohisilks.com/privkey.pem;
location / {
proxy_pass http://load_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
代理上游配置 /etc/nginx/conf.d/upstream.conf
upstream load_backend {
#server 194.163.168.18; # Prod1 server
server 148.135.73.76; #loadbalncer
}
upstream staging_backend {
server 81.0.218.72; # Staging server
}
负载均衡器配置(/etc/nginx/sites-available/load_balancer.conf
server {
listen 80;
server_name aarohisilks.com;
location / {
proxy_pass http://production_backend;
# ... (proxy headers)
}
}
负载均衡器上游配置(/etc/nginx/conf.d/upstream.conf)
upstream production_backend {
server 194.163.168.18;
server 194.163.166.206;
}
当我尝试访问我的网站时,出现错误“ERR_TOO_MANY_REDIRECTS。”或者无法完全加载。我怀疑这是由于以下原因导致的重定向循环造成的:
- 代理将所有 HTTP 流量重定向到 HTTPS。这会导致 Cloudflare 和代理之间不断出现重定向循环。
我已经验证后端服务器(194.163.168.18 和 194.163.166.206)运行正常。
另外,我仅将请求发送到没有任何负载均衡器的代理,我在上游配置中声明了我的服务器 IP。
在我的实时服务器(IP 为 194.163.168.18、194.163.166.206)中,我安装了 cyberpanel,并使用 cyberpanel 托管 wordpress 网站。没有负载平衡器,网站运行良好。
我是否应该对我的代理服务器、负载均衡器或 Cloudflare 设置进行任何潜在的配置更改?
所有端口均开放443,80,22
1
–
|