在CentOS 7中部署的Nodejs应用程序,域无法访问Apache

ut6juiuv  于 2022-11-07  发布在  Apache
关注(0)|答案(1)|浏览(141)

我尝试在CentOS 7中使用Apache部署我的应用程序,但即使应用程序正在运行,域也无法访问它。
当我尝试访问该域时,它显示为Forbidden You don't have permission to access this resource
请注意,我可以使用ip:port访问网站。
以下是sites-available目录中文件名为example.com.conf的Apache的配置:

<VirtualHost *:80>
        ServerName  example.com
        ProxyRequests On
        ProxyPass / http://server-ip:3000
        ProxyPassReverse / http://server-ip:3000
</VirtualHost>

我还在httpd.conf文件中添加了IncludeOptional sites-enabled/*.conf
我不习惯CentOS 7,也不习惯Apache,所以我不知道我在这里做错了什么。还要注意的是,该域配置了CloudFlare,我认为该域安装了SSL,正如我在浏览器中看到的那样,它没有说“不安全”。还值得一提的是,服务器主机是带有DirectAdmin的私有云服务器。
===============更新=======================================================================================================================================================================================
这是我尝试后,Alaindeseine建议:

<VirtualHost example.com:80>
        RewriteEngine on
        RewriteCond %{SERVER_PORT} ^80$
        RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
</VirtualHost>

<VirtualHost *:443>
        Header always set Strict-Transport-Security "max-age=31536000"

        ServerName example.com

        SetOutputFilter DEFLATE
        SetEnvIfNoCase Request_URI "\.(?:gif|jpe?g|png)$"no-gzip
        AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript

        ExpiresActive On
        ProxyRequests off
        RequestHeader add original-protocol-ssl 1
        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>
        <Location />
                ProxyPass http://ip:3000/
                ProxyPassReverse http://ip:3000/
                ProxyPreserveHost On
        </Location>
        # SSLCertificateFile /etc/letsencrypt/live/xxx.example.com/cert.pem
        # SSLCertificateKeyFile /etc/letsencrypt/live/xxx.example.com/privkey.pem
        # Include /etc/letsencrypt/options-ssl-apache.conf
        # SSLCertificateChainFile /etc/letsencrypt/live/xxx.example.com/chain.pem
</VirtualHost>
centos

1条答案

按热度按时间
8ftvxx2r

8ftvxx2r1#

如果您认为需要将IP地址更改为本地主机
下面是一个使用SSL的Apache虚拟主机的完整示例:

<VirtualHost xxx.example.com:80>
        RewriteEngine on
        RewriteCond %{SERVER_PORT} ^80$
        RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
</VirtualHost>

<VirtualHost *:443>
        Header always set Strict-Transport-Security "max-age=31536000"

        ServerName xxx.example.com

        SetOutputFilter DEFLATE
        SetEnvIfNoCase Request_URI "\.(?:gif|jpe?g|png)$"no-gzip
        AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript

        ExpiresActive On
        ProxyRequests off
        RequestHeader add original-protocol-ssl 1
        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>
        <Location />
                ProxyPass http://localhost:3511/
                ProxyPassReverse http://localhost:3511/
                ProxyPreserveHost On
        </Location>
        SSLCertificateFile /etc/letsencrypt/live/xxx.example.com/cert.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/xxx.example.com/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf
        SSLCertificateChainFile /etc/letsencrypt/live/xxx.example.com/chain.pem
</VirtualHost>

您可以自然地删除所有SSL配置。
此外,不要将ProxyRequest设置为On,因为如果开放代理不安全,则可能会造成危险:https://httpd.apache.org/docs/2.4/fr/mod/mod_proxy.html#proxyrequests

赞(0)分享  回复(0)举报  2022-11-07
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备2022004421号-2 NULL123 https://www.null123.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com