HTTPS funciona, o HTTP não

Question

HTTPS funciona, o HTTP não

#1 resposta do (0 votos)
#2 resposta do (0 votos)

2

Eu uso o NGINX 1.5.12 no Ubuntu 13.10 e o HTTPS funciona bem e as páginas são servidas (tanto no HHVM quanto no PHP5-FPM) tentando carregar o site no HTTP e o WGET retorna isso:

HTTP request sent, awaiting response... 200 No headers, assuming HTTP/0.9
Length: unspecified
Saving to: ‘index.html’

    [                                <=>    ] 44          --.-K/s   in 29s     

2014-04-05 11:55:37 (1.49 B/s) - ‘index.html’ saved [44]

e cURL retornam isso:

?d???? ???

enquanto executo o cURL no HTTPS eu recebo isto:

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: HHVM/3.1.0-dev+2014.04.04

Minha configuração

nginx.conf

user www-data www-data;
pid /var/run/nginx.pid;
worker_rlimit_nofile 100000;

events {
    worker_connections  4096;
    multi_accept on;
}

http {
    default_type application/octet-stream;

    access_log off;
    error_log  /var/log/nginx/error.log crit;

    sendfile on;
    tcp_nopush on;

    keepalive_timeout 20;
    client_header_timeout 20;
    client_body_timeout 20;
    reset_timedout_connection on;
    send_timeout 20;

    types_hash_max_size 2048;

    gzip on;
    gzip_disable "msie6";
    gzip_proxied any;
    gzip_min_length 256;
    gzip_comp_level 4;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js;

    server_names_hash_bucket_size 128;

    include mime.conf;
    charset UTF-8;

    open_file_cache max=100000 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 2;
    open_file_cache_errors on;

    server_tokens off;

    include proxy.conf;
    include fcgi.conf;

    include conf.d/*.conf;
    include /etc/nginx.custom.d/*.conf;
}

conf.d / example-com.conf

server {
    listen *:80;
    listen *:443 ssl;
    ssl_certificate /srv/example.com/example.com.unified.crt;
    ssl_certificate_key /srv/example.com/example.com.key;
    server_name example.com www.example.com;

    access_log /var/log/nginx/example-com.access.log;
    error_log /var/log/nginx/example-com.error.log;

    root /srv/example.com/root;
    index index.html index.htm index.php;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4-SHA;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;



    location  / {

        try_files $uri $uri/ /index.php?$query_string;

    }


    location ~ \.php$ {

        gzip off;

fastcgi_keep_conn on;
fastcgi_pass   127.0.0.1:9000;
fastcgi_index  index.php;
fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
include        fcgi.conf;


    }


    location ^~ \.(jpg|jpeg|gif|css|png|js|ico|html)$ {

        access_log off;



    }

}

Eu não entendo porque o HTTPS funciona e o HTTP não?

tentou alterar o aplicativo / octet-stream para text / html, mas não houve diferença alguma.

nginx

por Sam Pettersson 05.04.2014 / 12:03

2 respostas

Tags nginx

Disco rígido USB do servidor não listado em / dev, mas aparece em lsusb Bloquear pedidos com base no nome do host

score 0 · Answer 1

Eu tive o mesmo problema. Verifique sua diretiva de escuta para a porta 80. Ela não deve conter 'spdy' ou 'http2'

score 0 · Answer 2

divida seus blocos de servidor (embora seja válido, recomendado a ser usado blocos separados).

(supondo que você quer apenas SSL, caso contrário copie o conteúdo.)

301 para SSL

server {
        listen 80;
        listen [::]:80;
        location / {
                return 301 https://$host$request_uri;
        }
}

server {
        listen 443 ssl;
.....

dividir com a mesma configuração

server {
    listen *:80;
    server_name example.com www.example.com;

    access_log /var/log/nginx/example-com.access.log;
    error_log /var/log/nginx/example-com.error.log;

    root /srv/example.com/root;
    index index.html index.htm index.php;


    location  / {

        try_files $uri $uri/ /index.php?$query_string;

    }


    location ~ \.php$ {

        gzip off;

fastcgi_keep_conn on;
fastcgi_pass   127.0.0.1:9000;
fastcgi_index  index.php;
fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
include        fcgi.conf;


    }


    location ^~ \.(jpg|jpeg|gif|css|png|js|ico|html)$ {

        access_log off;



    }

}
server {
    listen *:443 ssl;
    ssl_certificate /srv/example.com/example.com.unified.crt;
    ssl_certificate_key /srv/example.com/example.com.key;
    server_name example.com www.example.com;

    access_log /var/log/nginx/example-com.access.log;
    error_log /var/log/nginx/example-com.error.log;

    root /srv/example.com/root;
    index index.html index.htm index.php;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4-SHA;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;



    location  / {

        try_files $uri $uri/ /index.php?$query_string;

    }


    location ~ \.php$ {

        gzip off;

fastcgi_keep_conn on;
fastcgi_pass   127.0.0.1:9000;
fastcgi_index  index.php;
fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
include        fcgi.conf;


    }


    location ^~ \.(jpg|jpeg|gif|css|png|js|ico|html)$ {

        access_log off;



    }

}