php - 无法从局域网上的 apache 访问 wp-admin - nginx rev 代理
问题描述
我被困住了。我在树莓派上运行 nginx 作为反向代理服务器。我有 xampp 作为我在 win svr 2019 上安装 wordpress 的 apache 服务器。我自托管两个站点。它们在 xampp/htdocs 中都有自己独立的安装文件夹。我无法访问 wp-admin(“抱歉,您无权访问此页面。”),并且在尝试加载站点时收到重定向错误。我已经从各个站点的论坛和指南中拼凑了我所能做的。我是新手,有任何建议或更好的指南来使我的配置正常工作,以及任何安全问题吗?
运行 Nginx 的树莓派
192.168.1.10
我的网站 - win srv 2019 上的 xampp - 单独的 wp 安装
192.168.1.11:80/site1
192.168.1.11:80/site2
/etc/nginx/ssl.conf - 所有 ssl 设置
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
ssl_certificate /etc/letsencrypt/live/mrcmrsn.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mrcmrsn.com/privkey.pem;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_dhparam /etc/letsencrypt/live/mrcmrsn.com/dhparam.pem;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
/etc/nginx/proxy-settings.conf - 所有代理设置
proxy_hide_header Origin;
proxy_hide_header Referer;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
/etc/nginx/servers.conf - 所有监听服务器 - 通过端口 9090 的 http - 通过端口 9443 的 ssl
server {
listen 9090;
listen [::]:9090;
server_name *.mydomain.com;
return 301 https://$host$request_uri;
}
server {
listen 9443 http2 ssl;
listen [::]:9443 http2 ssl;
include ssl.conf;
server_name site1.mydomain.com www.site1.mydomain.com;
location / {
include proxy-settings.conf;
proxy_pass http://192.168.1.11:80/site1/;
}
}
server {
listen 9443 http2 ssl;
listen [::]:9443 http2 ssl;
include ssl.conf;
server_name site2.mydomain.com www.site2.mydomain.com;
location / {
include proxy-settings.conf;
proxy_pass http://192.168.1.11:80/site2/;
}
}
/etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
/xampp/htdocs/site1/wp-config.php - 添加以下行
if ( isset( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
$http_x_headers = explode( ',', $_SERVER['HTTP_X_FORWARDED_FOR'] );
$_SERVER['REMOTE_ADDR'] = $http_x_headers[0];
}
define('WP_HOME','https://192.168.1.11:80/site1/');
define('WP_SITEURL','https://192.168.1.11:80/site1/');
解决方案
推荐阅读
- javascript - 如何防止 GeolocateControl 缩小
- assembly - 将 ARM7 机器语言解码为 ARM 指令
- r - 将文本变量分配给r中的数字字段
- javascript - 最后一个 AsyncCallback 项目在 React Native 中消失
- c++ - 复制构造函数在委托期间调用默认构造函数而不是适当的构造函数
- electron - 如何将电子应用程序发布到 Windows 商店
- c - 在 C 中修改 AST 树并编译新的 AST 树
- python - Python对字典列表进行排序
- parsing - 将 SEC 10-K 年度报告文本保存到文件(解码问题)
- reactjs - 在 Fetch JSON 中反应原生 this.props