ПРОЕКТЫ 


  АРХИВ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 


  СТАТЬИ 


  ПЕРСОНАЛЬНОЕ 


  ПРОГРАММЫ 



ПИШИТЕ
ПИСЬМА












     АРХИВ :: nginx-ru
Nginx-ru mailing list archive (nginx-ru@sysoev.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: проблемы с конфигурацие й HTTPS - 404, 502



On Mon, Jun 14, 2010 at 03:14:03AM -0400, dedo wrote:

> привет всем!
> У меня проблемы с конфигурацией HTTPS,
> я знаю, что есть много документов, я все пересмотрел и использую дефолтный 
> конфиг, все работает по хттп, хттпс не пашет,
> Я просто хочу понять, это проблема в Nginx или что-то еще ...или просто нада 
> выспаться....

Конфигурация потрясает. Начиная с вот такого форматирования

          location /lib/ {
     allow 127.0.0.1/32;
     deny all;
}

и кончая всей логикой работы.
Где этот конфиг используется как _дефолтный_ ?

> пожалуйста, ребята, просто посмотрите на мой конфиг и некоторые ошибки из 
> лога.
> 
> где копать?
> я не могу запустить магазин без шифровки :)
> 
> 
> спасибо.
> 
> [code]
> user          nginx;
> worker_processes  1;
> error_log         /var/log/nginx/error.log;
> pid               /var/run/nginx.pid;
> 
> events {
>     worker_connections  1024;
> }
> 
> http {
>     include       /etc/nginx/mime.types;
>     default_type  application/octet-stream;
> 
>     log_format  main  '$remote_addr - $remote_user [$time_local] $request '
>                       '"$status" $body_bytes_sent "$http_referer" '
>                       '"$http_user_agent" "$http_x_forwarded_for"';
> 
>     access_log  /var/log/nginx/access.log  main;
>     sendfile        on;
>     keepalive_timeout  65;
> 
>     # fastcgi nodes
>     upstream  backend  {
>         server unix:/tmp/fcgi.sock;
>     }
> 
> 
> 
>    server {
>         listen       80;
>         server_name  domain.com www.domain.com;
>         root   /var/www/html;
>         autoindex off;
> 
>         gzip on; # use gzip compression
>         gzip_proxied any; # enable proxy for the fcgi requests
>         gzip_types text/plain text/html text/css text/javascript;
> 
>         # protection (we have no .htaccess)
>         location ~ 
> (/(app/|includes/|/pkginfo/|var/|report/config.xml)|/\.svn/|/.hta.+) {
>             deny all;
>         }
>           location /lib/ {
>     allow 127.0.0.1/32;
>     deny all;
> }
> 
> 
> 
> 
>         # handle all .php files, /downloader and /report
>         location ~ (\.php|/downloader/?|/report/?)$ {
>             if ($request_uri ~ /(downloader|report)$){ # no trailing /, 
> redirecting
>                 rewrite  ^(.*)$ $1/ permanent;
>             }
>             fastcgi_index index.php;
>             include /etc/nginx/fastcgi_params;
>             fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
>             if (-e $request_filename) { # check if requested path exists
>                 fastcgi_pass backend;
>             }
> 
>         }
> 
>         # handle
>         location /
>         {
>             # set expire headers
>             if ($request_uri ~* "\.(ico|css|js|gif|jpe?g|png)$") {
>                 expires max;
>             }
>             # set fastcgi settings, not allowed in the "if" block
>             include /etc/nginx/fastcgi_params;
>             fastcgi_param SCRIPT_FILENAME $document_root/index.php;
>             fastcgi_param SCRIPT_NAME /index.php;
>             # rewrite - if file not found, pass it to the backend
>             if (!-f $request_filename) {
>                 fastcgi_pass backend;
>                 break;
>             }
>  }
> 
>     }
> 
>   server {
>         listen     443;
>         server_name  domain.com www.domain.com;
> 
>          access_log  /var/log/nginx/access.log  main;
>         error_log         /var/log/nginx/error.log;
> 
>         ssl                  on;
>         ssl_certificate      /etc/nginx/cert/mysuper-bundle.crt;
>         ssl_certificate_key  /etc/nginx/cert/myserver.key;
> 
>         ssl_session_timeout  5m;
> 
>         ssl_protocols   SSLv3 TLSv1;
>         ssl_ciphers  AES256-SHA:AES128-SHA:DES-CBC3-SHA:RC4-SHA:RC4-MD5;
>         ssl_prefer_server_ciphers   on;
> 
>         keepalive_timeout 70;
>         add_header Front-End-Https on;
> 
>         root /var/www/html;
>         index  index.html index.htm index.php index.xml;
> 
>         location ~ \.php$ {
>           root   /var/www/html;
>           fastcgi_index index.php;
>           fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
>           fastcgi_param HTTPS on;
>           include /etc/nginx/fastcgi_params;
>     }
> }
> 
> }
> [/code]
> 
> 
> 
> [code]
> 2010/06/12 13:14:06 [error] 20335#0: *1 open() 
> "/var/www/html/index.php/customer/account" failed (20: Not a directory), 
> client: 84.52.48.xxx, server: domain.com, request: "GET 
> /index.php/customer/account HTTP/1.1", host: "www.domain.com"
> 
> 2010/06/12 13:14:08 [error] 20335#0: *1 open() 
> "/var/www/html/index.php/customer/account" failed (20: Not a directory), 
> client: 84.52.48.xxx, server: domain.com, request: "GET 
> /index.php/customer/account HTTP/1.1", host: "www.domain.com"
> 
> 2010/06/12 13:15:06 [error] 20335#0: *1 open() 
> "/var/www/html/index.php/customer/account" failed (20: Not a directory), 
> client: 84.52.48.xxx, server: domain.com, request: "GET 
> /index.php/customer/account HTTP/1.1", host: "www.domain.com"
> 
> 2010/06/12 13:17:19 [error] 20335#0: *14 
> "/var/www/html/index.php/customer/account/login/index.html" is not found (20: 
> Not a di
> [/code]
> 
> Posted at Nginx Forum: 
> http://forum.nginx.org/read.php?21,97892,97892#msg-97892
> 
> 
> _______________________________________________
> nginx-ru mailing list
> nginx-ru@xxxxxxxxx
> http://nginx.org/mailman/listinfo/nginx-ru

-- 
Игорь Сысоев
http://sysoev.ru

_______________________________________________
nginx-ru mailing list
nginx-ru@xxxxxxxxx
http://nginx.org/mailman/listinfo/nginx-ru


 




Copyright © Lexa Software, 1996-2009.