nginx 报400 bad request 解决方法
需求:要求域名强制使用https,从80端口跳转到443端口
bug出现版本:nginx 1.10.2以上版本
好多网上版本如下:
server {
listen 443 ssl;
server_name xxx.xxx.com;
root /data/wwwroot/web;
ssl on;
ssl_certificate /etc/nginx/certs/xxx.xxx.com/fullchain1.pem; #证书
ssl_certificate_key /etc/nginx/certs/xxx.xxx.com/privkey1.pem; #key
location / {
index index.html index.php;
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php/$1 last;
break;
}
}
location ~ .+\.php($|/) {
include php-fpm.conf;
include fastcgi_params;
}
include expires.conf;
}
server {
listen 80;
server_name xxx.xxx.com;
rewrite ^/(.*) https://xxx.xxx.com/$1 permanent;
}
多次试验后发现,在某些特定的情况下,整个服务器会报出400 bad requst。
修改方法如下:
server {
listen 443 ssl;
server_name xxx.xxx.com;
root /data/wwwroot/web;
ssl_certificate /etc/nginx/certs/xxx.xxx.com/fullchain1.pem;
ssl_certificate_key /etc/nginx/certs/xxx.xxx.com/privkey1.pem;
location / {
index index.html index.php;
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php/$1 last;
break;
}
}
location ~ .+\.php($|/) {
include php-fpm.conf;
include fastcgi_params;
}
include expires.conf;
}
server {
listen 80;
server_name xxx.xxx.com;
rewrite ^/(.*) https://xxx.xxx.com/$1 permanent;
}
去掉ssl on;
即可。