Problems caused by nginx optimal configuration priority #6125
Open
Description
location /.well-known/acme-challenge/ {
default_type "text/plain; charset=utf-8";
root /www/wwwroot/java_node_ssl;
try_files $uri =404;
}
Use webroot to manually configure the above configuration, which can be successful.
But when you use --nginx, you will find that one challege fails, and the route of that challege never takes effect, reporting 404. The result of the investigation is that my site uses the Pagoda reverse proxy, and nginx has a higher priority configuration. What causes constant access is the proxy.
error config:
location ^~ / {
proxy_pass http://127.0.0.1:8081;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-Port $remote_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_connect_timeout 60s;
proxy_send_timeout 600s;
proxy_read_timeout 600s;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
#PROXY-CONF-END
modified config:
location / {
proxy_pass http://127.0.0.1:8081;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-Port $remote_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_connect_timeout 60s;
proxy_send_timeout 600s;
proxy_read_timeout 600s;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
#PROXY-CONF-END
In this way, the priority of the challege route will be higher.
Metadata
Assignees
Labels
No labels