我已经使用Nginx,Php-Fpm和APC设置了我的新服务器。我也使用外部清漆缓存和MySQL数据库。
由于我正在使用该设置,我的一个扩展程序停止工作。如果我尝试在后端访问它,Magento会将我退出,我将被重定向到magento admin登录。
这是我的Nginx conf:
1。)nginx.conf
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request "'
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
autoindex off;
map $scheme $fastcgi_https { ## Detect when HTTPS is used
default off;
https on;
}
keepalive_timeout 10;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/html text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# Load config files from the /etc/nginx/conf.d directory
include /etc/nginx/conf.d/*.conf;
2。)domain.conf
server {
listen 8080;
server_name domain.de;
rewrite / $scheme://www.$host$request_uri permanent; ## Forcibly prepend a www
}
server {
listen 8080 default;
# SSL directives might go here
server_name www.domain.de *.domain.de; ## Domain is here twice so server_name_in_redirect will favour the www
root /var/www/html;
location / {
index index.html index.php; ## Allow a static html file to be shown first
try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler
expires 30d; ## Assume all files are cachable
}
## These locations would be hidden by .htaccess normally
# location ^~ /app/ { deny all; }
# location ^~ /includes/ { deny all; }
# location ^~ /lib/ { deny all; }
# location ^~ /media/downloadable/ { deny all; }
# location ^~ /pkginfo/ { deny all; }
# location ^~ /report/config.xml { deny all; }
# location ^~ /var/ { deny all; }
location /var/export/ { ## Allow admins only to view export folder
auth_basic "Restricted"; ## Message shown in login window
auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
autoindex on;
}
location /. { ## Disable .htaccess and other hidden files
return 404;
}
location @handler { ## Magento uses a common front handler
rewrite / /index.php;
}
location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
rewrite ^(.*.php)/ $1 last;
}
location ~ .php$ { ## Execute PHP scripts
if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss
expires off; ## Do not cache dynamic content
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param HTTPS $fastcgi_https;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param MAGE_RUN_CODE default;
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params; ## See /etc/nginx/fastcgi_params
}
}
nginx错误日志告诉我:
2013/05/27 21:07:01 [错误] 18489#0:* 4禁止访问规则,客户端:54.xxx.x.xx,服务器:www.domain.de,请求:“POST / app / etc / local.xml HTTP / 1.1“,主持人:”www.domain.de“
对我来说,我限制了某处的访问权限。我已经改变了这个:
## These locations would be hidden by .htaccess normally
# location ^~ /app/ { deny all; }
# location ^~ /includes/ { deny all; }
# location ^~ /lib/ { deny all; }
# location ^~ /media/downloadable/ { deny all; }
# location ^~ /pkginfo/ { deny all; }
# location ^~ /report/config.xml { deny all; }
# location ^~ /var/ { deny all; }
我正在打破这个问题。有人给我一个小费的地方吗?
提前致谢!
编辑1:
在某个地方似乎有混淆。如果我删除listen:8080;有用! Varnish Server(on:80)每两次尝试进入页面就会发出错误消息(设置为ELB - Varnish - Nginx,通常),但基本上我可以访问扩展名。 Varnish有可能以某种方式重定向吗?
这是default.vcl
#
backend default {
.host = "xx.xxx.xxx.xx";
.port = "8080"; # We will then configure apache to listen to port 8080
}
acl trusted {
"127.0.0.1";
"127.0.1.1";
"xx.xxx.xxx.xx";
# Add other ips that are allowed to purge cache
}
#
# http://www.varnish-cache.org/docs/2.1/tutorial/vcl.html#vcl-recv
# @param req Request object
sub vcl_recv {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For = req.http.X-Forwarded-For+","+client.ip;
}
else {
set req.http.X-Forwarded-For = client.ip;
}
if (req.request == "PURGE") {
# Allow requests from trusted IPs to purge the cache
if (!client.ip ~ trusted) {
error 405 "Not allowed.";
}
ban("req.url ~ " + req.url);
error 200 "Ok"; #We don't go to backend
#return(lookup); # @see vcl_hit
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
# Cache only GET or HEAD requests
if (req.request != "GET" && req.request != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
# parse accept encoding rulesets to normalize
if (req.http.Accept-Encoding) {
if (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elsif (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
# unkown algorithm
remove req.http.Accept-Encoding;
}
}
# Rules for static files
if (req.url ~ "\.(jpeg|jpg|png|gif|ico|swf|js|css|gz|rar|txt|bzip|pdf)(\?.*|)$") {
set req.http.staticmarker = "1";
unset req.http.Cookie;
return (lookup);
}
# Don't cache pages for Magento Admin
# change this rule if you use custom url in admin
if (req.url ~ "^/(index.php/)?admin") {
return(pass);
}
# Don't cache checkout/customer pages, product compare
if (req.url ~ "^/(index.php/)?(checkout|customer|catalog/product_compare|wishlist)") {
return(pass);
}
# Don't cache till session end
if (req.http.cookie ~ "nocache_stable") {
return(pass);
}
# Unique identifier witch tell Varnish use cache or not
if (req.http.cookie ~ "nocache") {
return(pass);
}
# Remove cookie
unset req.http.Cookie;
set req.http.magicmarker = "1"; #Instruct varnish to remove cache headers received from backend
return(lookup);
}
sub vcl_pipe {
# # Note that only the first request to the backend will have
# # X-Forwarded-For set. If you use X-Forwarded-For and want to
# # have it set for all requests, make sure to have:
# # set req.http.connection = "close";
# # here. It is not set by default as it might break some broken web
# # applications, like IIS with NTLM authentication.
return (pipe);
}
#sub vcl_pass {
# return (pass);
#}
#sub vcl_hash {
# set req.hash += req.url;
# if (req.http.host) {
# set req.hash += req.http.host;
# } else {
# set req.hash += server.ip;
# }
# return (hash);
# }
# Called after a cache lookup if the req. document was found in the cache.
sub vcl_hit {
if (req.request == "PURGE") {
ban_url(req.url);
error 200 "Purged";
}
if (!(obj.ttl > 0s)) {
return (pass);
}
return (deliver);
}
# Called after a cache lookup and odc was not found in cache.
sub vcl_miss {
if (req.request == "PURGE"){
error 200 "Not in cache";
}
return (fetch);
}
# Called after document was retreived from backend
# @var req Request object.
# @var beresp Backend response (contains HTTP headers from backend)
sub vcl_fetch {
set req.grace = 30s;
# Current response should not be cached
if(beresp.http.Set-Cookie ~ "nocache=1") {
return (deliver);
}
# Flag set when we want to delete cache headers received from backend
if (req.http.magicmarker){
unset beresp.http.magicmarker;
unset beresp.http.Cache-Control;
unset beresp.http.Expires;
unset beresp.http.Pragma;
unset beresp.http.Cache;
unset beresp.http.Server;
unset beresp.http.Set-Cookie;
unset beresp.http.Age;
# default ttl for pages
set beresp.ttl = 1d;
}
if (req.http.staticmarker) {
set beresp.ttl = 30d; # static file cache expires in 30 days
unset beresp.http.staticmarker;
unset beresp.http.ETag; # Removes Etag in case we have multiple frontends
}
return (deliver);
}
# Called after a cached document is delivered to the client.
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT ("+obj.hits+")";
} else {
set resp.http.X-Cache = "MISS";
# set resp.http.X-Cache-Hash = obj.http.hash;
}
return (deliver);
}
答案 0 :(得分:0)
确实是varnish default.vcl文件出错了!我不能确切地说这是错的,但我用提供的那个交换了它。
# default backend definition. Set this to point to your content server.
backend default {
.host = "127.0.0.1";
.port = "8080";
}
# admin backend with longer timeout values. Set this to the same IP & port as your default server.
backend admin {
.host = "127.0.0.1";
.port = "8080";
.first_byte_timeout = 18000s;
.between_bytes_timeout = 18000s;
}
# add your Magento server IP to allow purges from the backend
acl purge {
"localhost";
"127.0.0.1";
}
import std;
sub vcl_recv {
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE" &&
req.request != "PURGE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
# purge request
if (req.request == "PURGE") {
if (!client.ip ~ purge) {
error 405 "Not allowed.";
}
ban("obj.http.X-Purge-Host ~ " + req.http.X-Purge-Host + " && obj.http.X-Purge-URL ~ " + req.http.X-Purge-Regex + " && obj.http.Content-Type ~ " + req.http.X-Purge-Content-Type);
error 200 "Purged.";
}
# switch to admin backend configuration
if (req.http.cookie ~ "adminhtml=") {
set req.backend = admin;
}
# we only deal with GET and HEAD by default
if (req.request != "GET" && req.request != "HEAD") {
return (pass);
}
# normalize url in case of leading HTTP scheme and domain
set req.url = regsub(req.url, "^http[s]?://[^/]+", "");
# collect all cookies
std.collect(req.http.Cookie);
# static files are always cacheable. remove SSL flag and cookie
if (req.url ~ "^/(media|js|skin)/.*\.(png|jpg|jpeg|gif|css|js|swf|ico)$") {
unset req.http.Https;
unset req.http.Cookie;
}
# not cacheable by default
if (req.http.Authorization || req.http.Https) {
return (pass);
}
# do not cache any page from index files
if (req.url ~ "^/(index)") {
return (pass);
}
# as soon as we have a NO_CACHE cookie pass request
if (req.http.cookie ~ "NO_CACHE=") {
return (pass);
}
# remove Google gclid parameters
set req.url = regsuball(req.url,"\?gclid=[^&]+$",""); # strips when QS = "?gclid=AAA"
set req.url = regsuball(req.url,"\?gclid=[^&]+&","?"); # strips when QS = "?gclid=AAA&foo=bar"
set req.url = regsuball(req.url,"&gclid=[^&]+",""); # strips when QS = "?foo=bar&gclid=AAA" or QS = "?foo=bar&gclid=AAA&bar=baz"
return (lookup);
}
# sub vcl_pipe {
# # Note that only the first request to the backend will have
# # X-Forwarded-For set. If you use X-Forwarded-For and want to
# # have it set for all requests, make sure to have:
# # set bereq.http.connection = "close";
# # here. It is not set by default as it might break some broken web
# # applications, like IIS with NTLM authentication.
# return (pipe);
# }
#
# sub vcl_pass {
# return (pass);
# }
#
sub vcl_hash {
hash_data(req.url);
if (req.http.host) {
hash_data(req.http.host);
} else {
hash_data(server.ip);
}
if (req.http.cookie ~ "PAGECACHE_ENV=") {
set req.http.pageCacheEnv = regsub(
req.http.cookie,
"(.*)PAGECACHE-env=([^&]*)(.*)",
"\2"
);
hash_data(req.http.pageCacheEnv);
remove req.http.pageCacheEnv;
}
if (!(req.url ~ "^/(media|js|skin)/.*\.(png|jpg|jpeg|gif|css|js|swf|ico)$")) {
call design_exception;
}
return (hash);
}
#
# sub vcl_hit {
# return (deliver);
# }
#
# sub vcl_miss {
# return (fetch);
# }
sub vcl_fetch {
if (beresp.status == 500) {
set beresp.saintmode = 10s;
return (restart);
}
set beresp.grace = 5m;
# enable ESI feature if needed
if (beresp.http.X-Cache-DoEsi == "1") {
set beresp.do_esi = true;
}
# add ban-lurker tags to object
set beresp.http.X-Purge-URL = req.url;
set beresp.http.X-Purge-Host = req.http.host;
if (beresp.status == 200 || beresp.status == 301 || beresp.status == 404) {
if (beresp.http.Content-Type ~ "text/html" || beresp.http.Content-Type ~ "text/xml") {
if ((beresp.http.Set-Cookie ~ "NO_CACHE=") || (beresp.ttl < 1s)) {
set beresp.ttl = 0s;
return (hit_for_pass);
}
# marker for vcl_deliver to reset Age:
set beresp.http.magicmarker = "1";
# Don't cache cookies
unset beresp.http.set-cookie;
} else {
# set default TTL value for static content
set beresp.ttl = 4h;
}
return (deliver);
}
return (hit_for_pass);
}
sub vcl_deliver {
# debug info
if (resp.http.X-Cache-Debug) {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
set resp.http.X-Cache-Hits = obj.hits;
} else {
set resp.http.X-Cache = "MISS";
}
set resp.http.X-Cache-Expires = resp.http.Expires;
} else {
# remove Varnish/proxy header
remove resp.http.X-Varnish;
remove resp.http.Via;
remove resp.http.Age;
remove resp.http.X-Purge-URL;
remove resp.http.X-Purge-Host;
}
if (resp.http.magicmarker) {
# Remove the magic marker
unset resp.http.magicmarker;
set resp.http.Cache-Control = "no-store, no-cache, must-revalidate, post-check=0, pre-check=0";
set resp.http.Pragma = "no-cache";
set resp.http.Expires = "Mon, 31 Mar 2008 10:00:00 GMT";
set resp.http.Age = "0";
}
}
# sub vcl_error {
# set obj.http.Content-Type = "text/html; charset=utf-8";
# set obj.http.Retry-After = "5";
# synthetic {"
# <?xml version="1.0" encoding="utf-8"?>
# <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
# "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
# <html>
# <head>
# <title>"} + obj.status + " " + obj.response + {"</title>
# </head>
# <body>
# <h1>Error "} + obj.status + " " + obj.response + {"</h1>
# <p>"} + obj.response + {"</p>
# <h3>Guru Meditation:</h3>
# <p>XID: "} + req.xid + {"</p>
# <hr>
# <p>Varnish cache server</p>
# </body>
# </html>
# "};
# return (deliver);
# }
#
# sub vcl_init {
# return (ok);
# }
#
# sub vcl_fini {
# return (ok);
# }
sub design_exception {
}