問題描述

在一臺服務(wù)器設(shè)置了Nginx多站點，但是訪問這些站點的域名均無法訪問，錯誤如下圖：

通過ip會跳轉(zhuǎn)到其中一個站點，具體表現(xiàn)為：

全部配置開啟的情況下所有域名無法訪問，ip訪問顯示的是siteD去除siteD后跳轉(zhuǎn)siteB,去除siteB后404，去除siteB后跳轉(zhuǎn)siteA，去除siteA后跳轉(zhuǎn)siteC

檢查了半天還是不知道是啥問題，請各位大神幫忙排查下/w

以下為具體配置文件：

nginx.conf

user nginx;worker_processes 1;error_log /var/log/nginx/error.log warn;pid/var/run/nginx.pid;events { worker_connections 1024;}http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main ’$remote_addr - $remote_user [$time_local] '$request' ’ ’$status $body_bytes_sent '$http_referer' ’ ’'$http_user_agent' '$http_x_forwarded_for'’; access_log /var/log/nginx/access.log main; sendfileon; #tcp_nopush on; server_tokens off; underscores_in_headers off; keepalive_timeout 65; #gzip on; include /etc/nginx/conf.d/*.conf;}

default.conf

server { listen 80; server_name _; location / {return 404; }}

siteA.conf

server { listen 80; server_name siteA.domain.com; access_log /var/log/nginx/siteA.access.log main; location / {root /usr/share/nginx/html/siteA;index index.php index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html {root /usr/share/nginx/html; } location ~ .php$ { #try_files $uri =404; #root /usr/share/nginx/html/siteA; fastcgi_split_path_info ^(.+.php)(/.+)$; fastcgi_pass unix:/dev/shm/php5.6-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_index index.php; include fastcgi_params; }}

siteB.conf

server { listen 80; server_name siteB.domain.com; access_log /var/log/nginx/siteB.access.log main; location / {root /usr/share/nginx/html/siteB;index index.php index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html {root /usr/share/nginx/html; } location ~ .php$ { try_files $uri =404; root /usr/share/nginx/html/siteB; fastcgi_split_path_info ^(.+.php)(/.+)$; fastcgi_pass unix:/dev/shm/php5.6-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_index index.php; include fastcgi_params; }}

siteC.conf

server { listen 80; server_name siteC.domain.com; access_log /var/log/nginx/siteC.access.log main; location / {root /usr/share/nginx/html/siteC/;index index.php index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html {root /usr/share/nginx/html; } location ~ .php$ { try_files $uri =404; root /usr/share/nginx/html/siteC/; fastcgi_split_path_info ^(.+.php)(/.+)$; fastcgi_pass unix:/dev/shm/php5.6-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_index index.php; include fastcgi_params; }}

siteD.conf

server { listen 80; server_name siteD.domain.com; access_log /var/log/nginx/siteD.access.log main; location ~ ^/(baidu|webscan|yx_scan) {root /usr/share/nginx/siteD; } location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header User-Agent $http_user_agent; proxy_set_header Accept-Encoding ''; proxy_redirect off; proxy_pass http://127.0.0.1:8080/siteD/; rewrite ^/WebGoat/(.*)$ /$1 last; } error_page 500 502 503 504 /50x.html; location = /50x.html {root /usr/share/nginx/html; }}

Nginx Info (使用apt安裝，mainline)

nginx version: nginx/1.11.9built by gcc 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.3) built with OpenSSL 1.0.1f 6 Jan 2014TLS SNI support enabledconfigure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt=’-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC’ --with-ld-opt=’-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie’

Nginx Debug Error Log

2017/02/22 11:29:27 [notice] 6335#6335: using the 'epoll' event method2017/02/22 11:29:27 [notice] 6335#6335: nginx/1.11.92017/02/22 11:29:27 [notice] 6335#6335: built by gcc 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.3)2017/02/22 11:29:27 [notice] 6335#6335: OS: Linux 3.13.0-100-generic2017/02/22 11:29:27 [notice] 6335#6335: getrlimit(RLIMIT_NOFILE): 1000000:10000002017/02/22 11:29:27 [notice] 6336#6336: start worker processes2017/02/22 11:29:27 [notice] 6336#6336: start worker process 63372017/02/22 11:30:27 [info] 6337#6337: *1 client timed out (110: Connection timed out) while waiting for request, client: 117.34.28.13, server: 0.0.0.0:802017/02/22 11:30:49 [info] 6337#6337: *2 client timed out (110: Connection timed out) while waiting for request, client: 47.90.50.49, server: 0.0.0.0:802017/02/22 11:38:44 [info] 6337#6337: *3 client timed out (110: Connection timed out) while waiting for request, client: 183.61.236.14, server: 0.0.0.0:802017/02/22 11:38:44 [info] 6337#6337: *4 client timed out (110: Connection timed out) while waiting for request, client: 124.95.168.140, server: 0.0.0.0:802017/02/22 11:38:45 [info] 6337#6337: *5 client timed out (110: Connection timed out) while waiting for request, client: 61.182.137.6, server: 0.0.0.0:802017/02/22 11:38:46 [info] 6337#6337: *6 client timed out (110: Connection timed out) while waiting for request, client: 117.27.149.14, server: 0.0.0.0:802017/02/22 11:38:50 [info] 6337#6337: *7 client timed out (110: Connection timed out) while waiting for request, client: 42.236.7.68, server: 0.0.0.0:802017/02/22 11:38:58 [info] 6337#6337: *8 client timed out (110: Connection timed out) while waiting for request, client: 124.95.168.140, server: 0.0.0.0:802017/02/22 11:38:59 [info] 6337#6337: *9 client timed out (110: Connection timed out) while waiting for request, client: 61.182.137.6, server: 0.0.0.0:802017/02/22 11:38:59 [info] 6337#6337: *10 client timed out (110: Connection timed out) while waiting for request, client: 183.61.236.14, server: 0.0.0.0:802017/02/22 11:39:02 [info] 6337#6337: *11 client timed out (110: Connection timed out) while waiting for request, client: 117.27.149.14, server: 0.0.0.0:802017/02/22 11:39:12 [info] 6337#6337: *12 client timed out (110: Connection timed out) while waiting for request, client: 124.95.168.140, server: 0.0.0.0:802017/02/22 11:39:12 [info] 6337#6337: *13 client timed out (110: Connection timed out) while waiting for request, client: 61.182.137.6, server: 0.0.0.0:802017/02/22 11:39:15 [info] 6337#6337: *14 client timed out (110: Connection timed out) while waiting for request, client: 183.61.236.14, server: 0.0.0.0:80

問題解答

此問題已在v2ex獲得解答，由@Showfom 解答，原因為域名沒有備案，被機房屏蔽了

貌似缺省值的default，不用通配符比較好

server { listen 80 default; return 404 ’no site found’;}回答3：

檢查域名是否被有效的解析到服務(wù)器, 若未被正確解析, 在域名運營商處設(shè)置正確解析.

檢查服務(wù)器防火墻設(shè)置, 時候開啟 80 端口訪問限制, 另也檢查服務(wù)器運營商是否也有設(shè)置防火墻設(shè)定.

在配置好 nginx 后, 可在服務(wù)器進行測試是否可用.

curl siteA.domain.com

若域名處于未解析狀態(tài)

echo ’127.0.0.1 siteA.domain.com’ >> /etc/hostssystemctl restart nginxcurl siteA.domain.com

服務(wù)器若不能正常訪問, 則問題出現(xiàn)在 nginx 配置上.服務(wù)器若能訪問, 而本地不行, 則問題就發(fā)生在域名解析或防火墻.

從我所知不多的 nginx 配置知識上來看, 沒有太大毛病.