Для новичков как вообще в Linux, так и в конкретной теме, к которой относится вопрос.
Модератор: Bizdelnick
Extrim25
Сообщения: 87
ОС: Windows / Ubuntu Server
Сообщение
Extrim25 » 22.05.2018 21:32
Доброго времени суток
Столкнулся с непонятным моментом nginx. Связка nginx + php7.0-fpm на debian 9. При просмотре access.log конкретного домена увидел там строки с запросами, которые должны быть в access.log от двух других доменов. Логирование в настройках каждого домена вызываю так:
Код: Выделить всё
access_log /var/log/nginx/domain.com.access.log;
error_log /var/log/nginx/domain.com.error.log warn;
Почему в данном случае может возникать подобное явление? Заранее благодарю.
Bizdelnick
Модератор
Сообщения: 20794
Статус: nulla salus bello
ОС: Debian GNU/Linux
Сообщение
Bizdelnick » 22.05.2018 22:13
Давайте больше конкретики. В идеале — конфиги соответствующих servers полностью и проблемные фрагменты логов.
Пишите правильно:
в консоли
вк у́пе (с чем-либо)
в о бщем
воо бще в течение (часа)
новичо к
ню анс
по у молчанию приемле мо
проблем а
пробо вать
траф ик
Extrim25
Сообщения: 87
ОС: Windows / Ubuntu Server
Сообщение
Extrim25 » 22.05.2018 22:52
В логах смущает следующее:
Код: Выделить всё
54.215.254.26 - - [22/May/2018:12:11:43 +0200] "GET / HTTP/1.1" 200 18121 "https://www.drugoidomen.ru/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36"
и
Код: Выделить всё
62.141.105.203 - - [22/May/2018:12:22:09 +0200] "GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1" 200 4067 "https://domain.com/moda/svobodnyj-kroj-i-svobodnyj-siluet-stil-oversize-v-odezhde/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36"
62.141.105.203 - - [22/May/2018:12:22:09 +0200] "GET /wp-content/plugins/kk-star-ratings/js.min.js?ver=2.6.1 HTTP/1.1" 200 1394 "https://domain.com/moda/svobodnyj-kroj-i-svobodnyj-siluet-stil-oversize-v-odezhde/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36"
62.141.105.203 - - [22/May/2018:12:22:09 +0200] "GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7 HTTP/1.1" 200 18682 "https://domain.com/moda/svobodnyj-kroj-i-svobodnyj-siluet-stil-oversize-v-odezhde/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36"
62.141.105.203 - - [22/May/2018:12:22:09 +0200] "GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.4.5 HTTP/1.1" 200 49883 "https://domain.com/moda/svobodnyj-kroj-i-svobodnyj-siluet-stil-oversize-v-odezhde/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36"
62.141.105.203 - - [22/May/2018:12:22:09 +0200] "GET /wp-content/themes/Newspaper/style.css?ver=8.7.2 HTTP/1.1" 200 137481 "https://domain.com/moda/svobodnyj-kroj-i-svobodnyj-siluet-stil-oversize-v-odezhde/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36"
Во втором варианте домен указан тот что должен, но урлы принадлежат другому домену, расположенному на этом же хосте.
nginx.conf:
Код: Выделить всё
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 1024;
# multi_accept on;
use epoll;
multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
sendfile_max_chunk 128k;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 200;
types_hash_max_size 2048;
client_max_body_size 200m;
server_tokens off;
reset_timedout_connection on;
client_header_timeout 3;
client_body_timeout 5;
send_timeout 3;
client_header_buffer_size 2k;
client_body_buffer_size 256k;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
fastcgi_cache_path /etc/nginx-cache levels=1:2 keys_zone=phpcache:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 4;
gzip_buffers 16 8k;
gzip_min_length 0;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
domain.com:
Код: Выделить всё
server {
server_name www.domain.com;
return 301 https://domain.com$request_uri;
}
server {
listen 80;
root /var/www/domain.com;
index index.php index.html index.htm;
server_name domain.com;
add_header Strict-Transport-Security max-age=15768000;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm-domain-com.sock;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_cache phpcache; # The name of the cache key-zone to use
fastcgi_cache_valid 200 30m; # What to cache: 'Code 200' responses, for half an hour
fastcgi_cache_methods GET HEAD; # What to cache: only GET and HEAD requests (not POST)
add_header X-Fastcgi-Cache $upstream_cache_status; # Add header so we can see if the cache hits or misses
}
location ~* \.(js|png|jpg|jpeg|gif|ico)$ {
expires 1y;
}
location ~* \.(css)$ {
expires 4w;
}
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
access_log /var/log/nginx/domain.com.access.log;
error_log /var/log/nginx/domain.com.error.log warn;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
ssl_session_cache shared:le_nginx_SSL:1m; # managed by Certbot
ssl_session_timeout 1440m; # managed by Certbot
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # managed by Certbot
ssl_prefer_server_ciphers on; # managed by Certbot
ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA ECDHE-RSA-AES128-SHA ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384 DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA DHE-RSA-AES128-SHA256 DHE-RSA-AES256-SHA256 EDH-RSA-DES-CBC3-SHA"; # managed by Certbot
# Redirect non-https traffic to https
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
}
Bizdelnick
Модератор
Сообщения: 20794
Статус: nulla salus bello
ОС: Debian GNU/Linux
Сообщение
Bizdelnick » 22.05.2018 23:11
А конфиг drugoidomen.com?
Пишите правильно:
в консоли
вк у́пе (с чем-либо)
в о бщем
воо бще в течение (часа)
новичо к
ню анс
по у молчанию приемле мо
проблем а
пробо вать
траф ик
Extrim25
Сообщения: 87
ОС: Windows / Ubuntu Server
Сообщение
Extrim25 » 22.05.2018 23:26
drugoidomen
Код: Выделить всё
server {
server_name www.drugoidomen.ru;
return 301 https://drugoidomen.ru$request_uri;
}
server {
listen 80;
root /var/www/drugoidomen.ru;
index index.php index.html index.htm;
server_name drugoidomen.ru;
location / {
try_files $uri $uri/ /index.php?$args;
}
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm-drugoidomen-ru.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* \.(js|png|jpg|jpeg|gif|ico)$ {
expires 1y;
}
# BEGIN iThemes Security - Не меняйте и не удаляйте эту строку
# iThemes Security Config Details: 2
# Включить черный список HackRepair.com - Безопасность > Настройки > Бан пользователей > Черный список по умолчанию
# Start HackRepair.com Blacklist
# Start Abuse Agent Blocking
if ($http_user_agent ~* "^Mozilla.*Indy"){return 403;}
if ($http_user_agent ~* "^Mozilla.*NEWT"){return 403;}
if ($http_user_agent ~* "^$"){return 403;}
if ($http_user_agent ~* "^Maxthon$"){return 403;}
if ($http_user_agent ~* "^SeaMonkey$"){return 403;}
if ($http_user_agent ~* "^Acunetix"){return 403;}
if ($http_user_agent ~* "^binlar"){return 403;}
if ($http_user_agent ~* "^BlackWidow"){return 403;}
if ($http_user_agent ~* "^Bolt 0"){return 403;}
if ($http_user_agent ~* "^BOT for JCE"){return 403;}
if ($http_user_agent ~* "^Bot mailto\:craftbot@yahoo\.com"){return 403;}
if ($http_user_agent ~* "^casper"){return 403;}
if ($http_user_agent ~* "^checkprivacy"){return 403;}
if ($http_user_agent ~* "^ChinaClaw"){return 403;}
if ($http_user_agent ~* "^clshttp"){return 403;}
if ($http_user_agent ~* "^cmsworldmap"){return 403;}
if ($http_user_agent ~* "^comodo"){return 403;}
if ($http_user_agent ~* "^Custo"){return 403;}
if ($http_user_agent ~* "^Default Browser 0"){return 403;}
if ($http_user_agent ~* "^diavol"){return 403;}
if ($http_user_agent ~* "^DIIbot"){return 403;}
if ($http_user_agent ~* "^DISCo"){return 403;}
if ($http_user_agent ~* "^dotbot"){return 403;}
if ($http_user_agent ~* "^Download Demon"){return 403;}
if ($http_user_agent ~* "^eCatch"){return 403;}
if ($http_user_agent ~* "^EirGrabber"){return 403;}
if ($http_user_agent ~* "^EmailCollector"){return 403;}
if ($http_user_agent ~* "^EmailSiphon"){return 403;}
if ($http_user_agent ~* "^EmailWolf"){return 403;}
if ($http_user_agent ~* "^Express WebPictures"){return 403;}
if ($http_user_agent ~* "^extract"){return 403;}
if ($http_user_agent ~* "^ExtractorPro"){return 403;}
if ($http_user_agent ~* "^EyeNetIE"){return 403;}
if ($http_user_agent ~* "^feedfinder"){return 403;}
if ($http_user_agent ~* "^FHscan"){return 403;}
if ($http_user_agent ~* "^FlashGet"){return 403;}
if ($http_user_agent ~* "^flicky"){return 403;}
if ($http_user_agent ~* "^g00g1e"){return 403;}
if ($http_user_agent ~* "^GetRight"){return 403;}
if ($http_user_agent ~* "^GetWeb\!"){return 403;}
if ($http_user_agent ~* "^Go\!Zilla"){return 403;}
if ($http_user_agent ~* "^Go\-Ahead\-Got\-It"){return 403;}
if ($http_user_agent ~* "^grab"){return 403;}
if ($http_user_agent ~* "^GrabNet"){return 403;}
if ($http_user_agent ~* "^Grafula"){return 403;}
if ($http_user_agent ~* "^harvest"){return 403;}
if ($http_user_agent ~* "^HMView"){return 403;}
if ($http_user_agent ~* "^Image Stripper"){return 403;}
if ($http_user_agent ~* "^Image Sucker"){return 403;}
if ($http_user_agent ~* "^InterGET"){return 403;}
if ($http_user_agent ~* "^Internet Ninja"){return 403;}
if ($http_user_agent ~* "^InternetSeer\.com"){return 403;}
if ($http_user_agent ~* "^jakarta"){return 403;}
if ($http_user_agent ~* "^Java"){return 403;}
if ($http_user_agent ~* "^JetCar"){return 403;}
if ($http_user_agent ~* "^JOC Web Spider"){return 403;}
if ($http_user_agent ~* "^kanagawa"){return 403;}
if ($http_user_agent ~* "^kmccrew"){return 403;}
if ($http_user_agent ~* "^larbin"){return 403;}
if ($http_user_agent ~* "^LeechFTP"){return 403;}
if ($http_user_agent ~* "^libwww"){return 403;}
if ($http_user_agent ~* "^Mass Downloader"){return 403;}
if ($http_user_agent ~* "^microsoft\.url"){return 403;}
if ($http_user_agent ~* "^MIDown tool"){return 403;}
if ($http_user_agent ~* "^miner"){return 403;}
if ($http_user_agent ~* "^Mister PiX"){return 403;}
if ($http_user_agent ~* "^MSFrontPage"){return 403;}
if ($http_user_agent ~* "^Navroad"){return 403;}
if ($http_user_agent ~* "^NearSite"){return 403;}
if ($http_user_agent ~* "^Net Vampire"){return 403;}
if ($http_user_agent ~* "^NetAnts"){return 403;}
if ($http_user_agent ~* "^NetSpider"){return 403;}
if ($http_user_agent ~* "^NetZIP"){return 403;}
if ($http_user_agent ~* "^nutch"){return 403;}
if ($http_user_agent ~* "^Octopus"){return 403;}
if ($http_user_agent ~* "^Offline Explorer"){return 403;}
if ($http_user_agent ~* "^Offline Navigator"){return 403;}
if ($http_user_agent ~* "^PageGrabber"){return 403;}
if ($http_user_agent ~* "^Papa Foto"){return 403;}
if ($http_user_agent ~* "^pavuk"){return 403;}
if ($http_user_agent ~* "^pcBrowser"){return 403;}
if ($http_user_agent ~* "^PeoplePal"){return 403;}
if ($http_user_agent ~* "^planetwork"){return 403;}
if ($http_user_agent ~* "^psbot"){return 403;}
if ($http_user_agent ~* "^purebot"){return 403;}
if ($http_user_agent ~* "^pycurl"){return 403;}
if ($http_user_agent ~* "^RealDownload"){return 403;}
if ($http_user_agent ~* "^ReGet"){return 403;}
if ($http_user_agent ~* "^Rippers 0"){return 403;}
if ($http_user_agent ~* "^sitecheck\.internetseer\.com"){return 403;}
if ($http_user_agent ~* "^SiteSnagger"){return 403;}
if ($http_user_agent ~* "^skygrid"){return 403;}
if ($http_user_agent ~* "^SmartDownload"){return 403;}
if ($http_user_agent ~* "^sucker"){return 403;}
if ($http_user_agent ~* "^SuperBot"){return 403;}
if ($http_user_agent ~* "^SuperHTTP"){return 403;}
if ($http_user_agent ~* "^Surfbot"){return 403;}
if ($http_user_agent ~* "^tAkeOut"){return 403;}
if ($http_user_agent ~* "^Teleport Pro"){return 403;}
if ($http_user_agent ~* "^Toata dragostea mea pentru diavola"){return 403;}
if ($http_user_agent ~* "^turnit"){return 403;}
if ($http_user_agent ~* "^vikspider"){return 403;}
if ($http_user_agent ~* "^VoidEYE"){return 403;}
if ($http_user_agent ~* "^Web Image Collector"){return 403;}
if ($http_user_agent ~* "^WebAuto"){return 403;}
if ($http_user_agent ~* "^WebBandit"){return 403;}
if ($http_user_agent ~* "^WebCopier"){return 403;}
if ($http_user_agent ~* "^WebFetch"){return 403;}
if ($http_user_agent ~* "^WebGo IS"){return 403;}
if ($http_user_agent ~* "^WebLeacher"){return 403;}
if ($http_user_agent ~* "^WebReaper"){return 403;}
if ($http_user_agent ~* "^WebSauger"){return 403;}
if ($http_user_agent ~* "^Website eXtractor"){return 403;}
if ($http_user_agent ~* "^Website Quester"){return 403;}
if ($http_user_agent ~* "^WebStripper"){return 403;}
if ($http_user_agent ~* "^WebWhacker"){return 403;}
if ($http_user_agent ~* "^WebZIP"){return 403;}
if ($http_user_agent ~* "^Widow"){return 403;}
if ($http_user_agent ~* "^WPScan"){return 403;}
if ($http_user_agent ~* "^WWW\-Mechanize"){return 403;}
if ($http_user_agent ~* "^WWWOFFLE"){return 403;}
if ($http_user_agent ~* "^Xaldon WebSpider"){return 403;}
if ($http_user_agent ~* "^Zeus"){return 403;}
if ($http_user_agent ~* "^zmeu"){return 403;}
if ($http_user_agent ~* "360Spider"){return 403;}
if ($http_user_agent ~* "AhrefsBot"){return 403;}
if ($http_user_agent ~* "CazoodleBot"){return 403;}
if ($http_user_agent ~* "discobot"){return 403;}
if ($http_user_agent ~* "EasouSpider"){return 403;}
if ($http_user_agent ~* "ecxi"){return 403;}
if ($http_user_agent ~* "GT\:\:WWW"){return 403;}
if ($http_user_agent ~* "heritrix"){return 403;}
if ($http_user_agent ~* "HTTP\:\:Lite"){return 403;}
if ($http_user_agent ~* "HTTrack"){return 403;}
if ($http_user_agent ~* "ia_archiver"){return 403;}
if ($http_user_agent ~* "id\-search"){return 403;}
if ($http_user_agent ~* "IDBot"){return 403;}
if ($http_user_agent ~* "Indy Library"){return 403;}
if ($http_user_agent ~* "IRLbot"){return 403;}
if ($http_user_agent ~* "ISC Systems iRc Search 2\.1"){return 403;}
if ($http_user_agent ~* "LinksCrawler"){return 403;}
if ($http_user_agent ~* "LinksManager\.com_bot"){return 403;}
if ($http_user_agent ~* "linkwalker"){return 403;}
if ($http_user_agent ~* "lwp\-trivial"){return 403;}
if ($http_user_agent ~* "MFC_Tear_Sample"){return 403;}
if ($http_user_agent ~* "Microsoft URL Control"){return 403;}
if ($http_user_agent ~* "Missigua Locator"){return 403;}
if ($http_user_agent ~* "MJ12bot"){return 403;}
if ($http_user_agent ~* "panscient\.com"){return 403;}
if ($http_user_agent ~* "PECL\:\:HTTP"){return 403;}
if ($http_user_agent ~* "PHPCrawl"){return 403;}
if ($http_user_agent ~* "PleaseCrawl"){return 403;}
if ($http_user_agent ~* "SBIder"){return 403;}
if ($http_user_agent ~* "SearchmetricsBot"){return 403;}
if ($http_user_agent ~* "SeznamBot"){return 403;}
if ($http_user_agent ~* "Snoopy"){return 403;}
if ($http_user_agent ~* "Steeler"){return 403;}
if ($http_user_agent ~* "URI\:\:Fetch"){return 403;}
if ($http_user_agent ~* "urllib"){return 403;}
if ($http_user_agent ~* "Web Sucker"){return 403;}
if ($http_user_agent ~* "webalta"){return 403;}
if ($http_user_agent ~* "WebCollage"){return 403;}
if ($http_user_agent ~* "Wells Search II"){return 403;}
if ($http_user_agent ~* "WEP Search"){return 403;}
if ($http_user_agent ~* "XoviBot"){return 403;}
if ($http_user_agent ~* "YisouSpider"){return 403;}
if ($http_user_agent ~* "zermelo"){return 403;}
if ($http_user_agent ~* "ZyBorg"){return 403;}
# End Abuse Agent Blocking
# Start Abuse HTTP Referrer Blocking
if ($http_referer ~* "^https?://(?:[^/]+\.)?semalt\.com"){return 403;}
if ($http_referer ~* "^https?://(?:[^/]+\.)?kambasoft\.com"){return 403;}
if ($http_referer ~* "^https?://(?:[^/]+\.)?savetubevideo\.com"){return 403;}
# End Abuse HTTP Referrer Blocking
# End HackRepair.com Blacklist, http://pastebin.com/u/hackrepair
# Спрятать бэкэнд - Безопасность > Настройки > Спрятать экран входа > Спрятать бэкэнд
rewrite ^(/)?loghrdie23/?$ /wp-login.php?$query_string break;
rewrite ^(/)?wp-register-php/?$ /loghereordie45?action=register break;
# END iThemes Security - Не меняйте и не удаляйте эту строку
access_log /var/log/nginx/drugoidomen.ru.access.log;
error_log /var/log/nginx/drugoidomen.ru.error.log warn;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/drugoidomen.ru/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/drugoidomen.ru/privkey.pem; # managed by Certbot
ssl_session_cache shared:le_nginx_SSL:1m; # managed by Certbot
ssl_session_timeout 1440m; # managed by Certbot
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # managed by Certbot
ssl_prefer_server_ciphers on; # managed by Certbot
ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384 DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA DHE-RSA-AES128-SHA256 DHE-RSA-AES256-SHA256 EDH-RSA-DES-CBC3-SHA"; # managed by Certbot
# Redirect non-https traffic to https
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
}
Конфиг сайта, урлы которого проскакивают:
Код: Выделить всё
server {
server_name www.tretiydomen.ru;
return 301 https://tretiydomen.ru$request_uri;
}
server {
listen 80;
root /var/www/tretiydomen.ru;
index index.php index.html index.htm;
server_name tretiydomen.ru;
location / {
try_files $uri $uri/ /index.php?$args;
}
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm-tretiydomen-ru.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
rewrite ^/(/)?eximin20/?$ /wp-login.php break;
access_log /var/log/nginx/tretiydomen.ru.access.log;
error_log /var/log/nginx/tretiydomen.ru.error.log warn;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tretiydomen.ru/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tretiydomen.ru/privkey.pem; # managed by Certbot
ssl_session_cache shared:le_nginx_SSL:1m; # managed by Certbot
ssl_session_timeout 1440m; # managed by Certbot
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # managed by Certbot
ssl_prefer_server_ciphers on; # managed by Certbot
ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384 DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA DHE-RSA-AES128-SHA256"; # managed by Certbot
# Redirect non-https traffic to https
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
}
Bizdelnick
Модератор
Сообщения: 20794
Статус: nulla salus bello
ОС: Debian GNU/Linux
Сообщение
Bizdelnick » 22.05.2018 23:50
В порядке бреда — у клиента может отсутствовать или быть некорректным SNI (например для обхода блокировок), поэтому все запросы попадают на дефолтный сервер. Но странно, что в таком случае статус 200, должна бы быть ошибка.
Пишите правильно:
в консоли
вк у́пе (с чем-либо)
в о бщем
воо бще в течение (часа)
новичо к
ню анс
по у молчанию приемле мо
проблем а
пробо вать
траф ик