环境:阿里云 centos7
flask web 应用, gunicorn 已经启动,访问ip:8888
正常访问
nginx 正常启动,无法直接访问 ip ,浏览器显示: This site can ’ t be reached
我有两个配置文件conf/nginx.conf
, site-enable/kaoshixing.conf
,内容分别如下:
user root;
worker_processes auto;
# worker_cpu_affinity auto;
error_log /home/admin/kaoshixing/nginx/logs/error.log;
pid /home/admin/kaoshixing/nginx/logs/nginx.pid;
worker_rlimit_nofile 65535;
events {
use epoll;
worker_connections 20480;
}
http {
include mime.types;
default_type application/octet-stream;
fastcgi_intercept_errors on;
log_format milog '$server_addr\t$hostname\t$remote_addr\t$http_x_forwarded_for\t$time_local\t$request_uri\t$request_length\t$bytes_sent\t$request_time\t$status\t$upstream_addr\t$upstream_cache_status\t$upstream_response_time\t$http_user_agent\t';
####full-format log for debug
log_format debug_log '$remote_addr\t$server_addr\t$hostname\t$time_local\t$host\t$request\t$status\t$body_bytes_sent\t$http_referer\t$http_user_agent\t$http_x_forwarded_for\t$request_uri\t$request_length\t$bytes_sent\t$request_body\t$request_time\t$upstream_response_time\t$upstream_addr\t$upstream_cache_status';
access_log /home/admin/kaoshixing/log/nginx/access.log milog;
sendfile on;
keepalive_timeout 65;
client_max_body_size 120m;
server_names_hash_bucket_size 128;
proxy_headers_hash_bucket_size 128;
proxy_headers_hash_max_size 8192;
proxy_connect_timeout 10;
proxy_read_timeout 120;
proxy_send_timeout 120;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k;
gzip on;
gzip_types application/json application/x-json text/plain application/x-javascript text/css text/javascript application/xml text/xml image/jpeg image/gif image/png;
gzip_proxied expired no-cache no-store private auth;
gzip_min_length 1k;
gzip_buffers 16 64k;
gzip_http_version 1.1;
gzip_comp_level 6;
gzip_vary on;
limit_req_zone $server_port zone=tp:500m rate=1700r/s;
limit_req_zone $server_port zone=tps:500m rate=1100r/s;
limit_req_zone $binary_remote_addr zone=tip:500m rate=100r/s;
include /home/admin/kaoshixing/nginx/site-enable/*.conf;
}
upstream kaoshixing.com_backend{
server 0.0.0.0:8888 weight=1 max_fails=2 fail_timeout=30s;
}
server {
listen 80;
server_name www.kaoshixing.com;
access_log /home/admin/kaoshixing/nginx/logs/ksxing.com.log milog;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://kaoshixing.com_backend;
}
}
server {
listen 443 ssl;
server_name www.kaoshixing.com;
access_log /home/admin/kaoshixing/nginx/logs/ksxing.com.log milog;
ssl on;
ssl_certificate ssl/kaoshixing.com.crt;
ssl_certificate_key ssl/kaoshixing.com.key;
ssl_session_cache shared:SSL:80m;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://kaoshixing.com_backend;
proxy_redirect http://www.kaoshixing.com https://www.kaoshixing.com;
}
}
server {
listen 80;
server_name kaoshixing.com;
access_log /home/admin/kaoshixing/nginx/logs/ksxing.com.log milog;
location / {
rewrite ^(.*) http://www.$host$1 redirect;
}
}
1
RobertYang 2017-03-08 11:37:51 +08:00 via Android 1
listen 80 后面加个 default
|
2
lhbc 2017-03-08 11:38:53 +08:00 via iPhone
0.0.0.0 不是可以访问的地址
|
3
nightv2 2017-03-08 11:40:11 +08:00 via Android
@RobertYang 这个不是必须的吧。
|
4
RobertYang 2017-03-08 11:42:07 +08:00 via Android
@nightv2 他不是想直接用 ip 访问吗
|
6
alvy OP @RobertYang 还是不行
|
7
meiyuan 2017-03-08 11:56:52 +08:00
第一反应是未备案的前提下不能访问 80 端口,阿里云可能做了限制。
|
8
tumbzzc 2017-03-08 11:59:30 +08:00
80 端口是否开启?以前用 vultr 的时候也是这个问题
|
9
zl59503020 2017-03-08 12:00:55 +08:00
看错误日志
|
10
J0022ZjV7055oN64 2017-03-08 13:02:40 +08:00
listen 80 default_server;
#listen [::]:80 default_server ipv6only=on; server_name _; 取自 lnmp nginx default conf |
11
Fedor 2017-03-08 13:04:36 +08:00
防火墙?
|
13
Ansen 2017-03-08 13:10:59 +08:00
国内云主机都是需要备案才会给你开 80, 你试试 443
|
14
ovear 2017-03-08 13:44:05 +08:00 via Android
127.0.0.1 也不通就奇怪了
先看看 ss -anp 有没有监听 80 不过先试试万能的 iptables -F |
15
RobertYang 2017-03-08 13:54:37 +08:00 via Android
@alvy default_server
|
16
fengfisher2 2017-03-08 14:31:08 +08:00
第一反应是未备案的前提下不能访问 80 端口,阿里云可能做了限制+1 ,换 81 这样的看看。
|
17
alvy OP @RobertYang 求教,我现在 listen 2017 ,可以访问,但是网站里面点解链接跳转,有时候跳到 80 端口(访问不了),我需要一直都是访问 2017 端口,请问这是什么问题?
|
18
RobertYang 2017-03-21 14:45:56 +08:00 via Android
@alvy 你链接的端口也要写成 2017 。。
|
19
alvy OP @RobertYang 这......链接太多了,好像没办法做
|