django - 带有 Gunicorn 的 Nginx 反向代理对站点名称的处理方式不同
问题描述
我们有一个使用 Nginx 和 Gunicorn 反向代理设置在生产环境中服务的 Django 项目。除了一个小细节外,一切似乎都有效。不知何故,浏览器将以下地址“视为”不同的会话。
example.com
假设我使用该地址登录该站点。然后,如果我访问https://www.example.com
,浏览器看不到用户已经登录。
当我访问时www.example.com
,我在 Nginx 的浏览器中收到 404 错误。
我怀疑这与 Nginx 或 Gunicorn 的设置方式有关。感谢您提供有关如何解决此差异的任何帮助。
Nginx 配置:
server {
root /home/example/mysite;
# Add index.php to the list if you are using PHP
index index.html index.htm;
server_name example.com www.example.com;
client_max_body_size 512M;
location /static/ {
alias /home/example/mysite/static/;
expires 30d;
add_header Vary Accept-Encoding;
access_log off;
}
location /media {
alias /home/example/mysite/media/;
expires 30d;
add_header Vary Accept-Encoding;
access_log off;
}
location / {
# try_files $uri $uri/ =404;
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_connect_timeout 6000;
proxy_send_timeout 6000;
proxy_read_timeout 6000;
send_timeout 6000;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /home/ubuntu/ssl/example_com_chain.crt;
ssl_certificate_key /home/ubuntu/ssl/server.key;
#include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
#ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name example.com www.example.com;
return 404; # managed by Certbot
}
解决方案
重定向
http://www.example.com
http://example.com
https://www.example.com
到
https://example.com
您需要nginx vhost
像这样在配置文件中进行更改:
# Resirect 'http www' and 'http non-www' traffic to 'https non-www'
server {
listen 80;
server_name example.com www.example.com;
return 301 https://example.com$request_uri;
}
# Resirect 'https www' traffic to 'https non-www'
server {
listen 443 ssl;
server_name www.example.com;
return 301 https://example.com$request_uri;
}
# https://example.com
server {
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
server_name example.com;
root /home/example/mysite;
# Add index.php to the list if you are using PHP
index index.html index.htm;
client_max_body_size 512M;
location /static/ {
alias /home/example/mysite/static/;
expires 30d;
add_header Vary Accept-Encoding;
access_log off;
}
location /media {
alias /home/example/mysite/media/;
expires 30d;
add_header Vary Accept-Encoding;
access_log off;
}
location / {
# try_files $uri $uri/ =404;
proxy_pass http://127.0.0.1:8080; # HERE review this line it should be the server IP not localhost
proxy_set_header Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_connect_timeout 6000;
proxy_send_timeout 6000;
proxy_read_timeout 6000;
send_timeout 6000;
}
ssl_certificate /home/ubuntu/ssl/example_com_chain.crt;
ssl_certificate_key /home/ubuntu/ssl/server.key;
# include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
# ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
该线程可能会帮助您https://www.digitalocean.com/community/questions/redirecting-https-www-domain-to-non-www-domain-with-nginx(我的答案基于)
在你的settings.py
:
ALLOWED_HOSTS = [
'example.com', # https non-www
]
# SESSION_COOKIE_SECURE = True
# CSRF_COOKIE_SECURE = True
有关更多详细信息,请参阅
推荐阅读
- ios - react native iOS add firebase with pod遇到404错误
- python - PyInstaller 和 IBM_DB,找不到 DLL
- android - 关于单击 listView 中的按钮的指示
- php - 循环数组更新mysql表
- memory - 展平设备树中内存映射声明的含义
- react-native - 尝试在 React Native 中使用 Three.js 加载 obj 和 mtl 文件
- github - 为什么我不能再通过 `svn:external` 获取 Github 存储库?
- python - 使用 ctypes 时 Dll 函数的名称错误
- node.js - node.js 中的工作池与 libuv 的线程池
- css - 相对于徽标图像的大小和垂直中心导航栏项目