问题描述
我在运行两个 python Flask 网站时遇到问题。端口转发不适用于第二个网站。
我的出发点是两个可通过域名访问的 html hello-world 网站。 我删除了 HTML 索引文件并启动了 python flask
waitress-serve --port 8080 --call "mysite_1:myflaskentrypoint"
mysite_1.com:8080 -> 可访问(现在可以)
我在 Plesk -> Home -> Domains -> mysite_1 -> Appache & Nginx Settings -> Additional Nginx 指令中输入了以下配置。
location / {
proxy_set_header Accept-Encoding "";
proxy_pass http://0.0.0.0:8080;
}
https://mysite_1.com 可访问(很棒)
现在是第二个网站的问题。
waitress-serve --port 9080 --call "mysite_2:myflaskentrypoint"
mysite_2.com:9080 -> 可访问(暂时可以)
Plesk -> 主页 -> 域 -> mysite_2 -> Appache 和 Nginx 设置 -> 其他 Nginx 指令。
location / {
proxy_set_header Accept-Encoding "";
proxy_pass http://0.0.0.0:9080;
}
https://mywebsite_2.com 可访问 -> 错误 403 禁止
错误日志
403 GET / HTTP/2.0 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) ... 795 Nginx
SSL/TLS access
Error ... 11691#0: *386 directory index of "/var/www/vhosts/<mysite_2>.de/httpdocs/"
is forbidden Nginx error
欢迎任何提示
----
Nginx -T
root@localhost:~# Nginx -T
Nginx: the configuration file /etc/Nginx/Nginx.conf Syntax is ok
Nginx: configuration file /etc/Nginx/Nginx.conf test is successful
# configuration file /etc/Nginx/Nginx.conf:
#user Nginx;
worker_processes 1;
#error_log /var/log/Nginx/error.log;
#error_log /var/log/Nginx/error.log notice;
#error_log /var/log/Nginx/error.log info;
#pid /var/run/Nginx.pid;
include /etc/Nginx/modules.conf.d/*.conf;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log /var/log/Nginx/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#tcp_nodelay on;
#gzip on;
#gzip_disable "MSIE [1-6]\.(?!.*SV1)";
server_tokens off;
include /etc/Nginx/conf.d/*.conf;
}
# override global parameters e.g. worker_rlimit_nofile
include /etc/Nginx/*global_params;
# configuration file /etc/Nginx/mime.types:
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/RSS+xml RSS;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
# configuration file /etc/Nginx/conf.d/ssl.conf:
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-poly1305:ECDHE-RSA-CHACHA20-poly1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers on;
# configuration file /etc/Nginx/conf.d/zz010_psa_Nginx.conf:
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
include /etc/Nginx/plesk.conf.d/server.conf;
include /etc/Nginx/plesk.conf.d/webmails/*.conf;
include /etc/Nginx/plesk.conf.d/vhosts/*.conf;
include /etc/Nginx/plesk.conf.d/forwarding/*.conf;
include /etc/Nginx/plesk.conf.d/wildcards/*.conf;
# configuration file /etc/Nginx/plesk.conf.d/server.conf:
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
include "/etc/Nginx/plesk.conf.d/ip_default/*.conf";
server {
listen <vps_ip>:443 ssl;
ssl_certificate /opt/psa/var/certificates/scfK6DJ8w;
ssl_certificate_key /opt/psa/var/certificates/scfK6DJ8w;
location ^~ /plesk-site-preview/ {
proxy_pass http://127.0.0.1:8880;
proxy_set_header Host plesk-site-preview.local;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cookie_domain plesk-site-preview.local $host;
access_log off;
}
location / {
proxy_pass https://<vps_ip>:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen <vps_ip>:80;
location ^~ /plesk-site-preview/ {
proxy_pass http://127.0.0.1:8880;
proxy_set_header Host plesk-site-preview.local;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cookie_domain plesk-site-preview.local $host;
access_log off;
}
location / {
proxy_pass http://<vps_ip>:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
# configuration file /etc/Nginx/plesk.conf.d/ip_default/<website_1>.conf:
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
server {
listen <vps_ip>:443 ssl;
ssl_certificate /opt/psa/var/certificates/scf9FAuU9;
ssl_certificate_key /opt/psa/var/certificates/scf9FAuU9;
server_name www.<website_1>;
location / {
return 301 https://<website_1>$request_uri;
}
}
server {
listen <vps_ip>:443 default_server ssl http2;
server_name <website_1>;
server_name ipv4.<website_1>;
ssl_certificate /opt/psa/var/certificates/scf9FAuU9;
ssl_certificate_key /opt/psa/var/certificates/scf9FAuU9;
error_page 400 "/error_docs/bad_request.html";
error_page 401 "/error_docs/unauthorized.html";
error_page 403 "/error_docs/forbidden.html";
error_page 404 "/error_docs/not_found.html";
error_page 500 "/error_docs/internal_server_error.html";
error_page 405 "/error_docs/method_not_allowed.html";
error_page 406 "/error_docs/not_acceptable.html";
error_page 407 "/error_docs/proxy_authentication_required.html";
error_page 412 "/error_docs/precondition_Failed.html";
error_page 414 "/error_docs/request_uri_too_long.html";
error_page 415 "/error_docs/unsupported_media_type.html";
error_page 501 "/error_docs/not_implemented.html";
error_page 502 "/error_docs/bad_gateway.html";
error_page 503 "/error_docs/maintenance.html";
location ^~ /error_docs {
root "/var/www/vhosts/<website_1>";
}
client_max_body_size 128m;
root "/var/www/vhosts/<website_1>/httpdocs";
access_log "/var/www/vhosts/system/<website_1>/logs/proxy_access_ssl_log";
error_log "/var/www/vhosts/system/<website_1>/logs/proxy_error_log";
location ^~ /plesk-site-preview/ {
proxy_pass http://127.0.0.1:8880;
proxy_set_header Host plesk-site-preview.local;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cookie_domain plesk-site-preview.local $host;
access_log off;
}
#extension letsencrypt begin
location ^~ /.well-kNown/acme-challenge/ {
root /var/www/vhosts/default/htdocs;
types { }
default_type text/plain;
satisfy any;
auth_basic off;
allow all;
location ~ ^/\.well-kNown/acme-challenge.*/\. {
deny all;
}
}
#extension letsencrypt end
#extension sslit begin
#extension sslit end
location ~ /\.ht {
deny all;
}
location ~ ^/(plesk-stat|awstats-icon|webstat|webstat-ssl|ftpstat|anon_ftpstat) {
auth_basic "Domain statistics";
auth_basic_user_file "/var/www/vhosts/system/<website_1>/pd/d..httpdocs@plesk-stat";
autoindex on;
location ~ ^/plesk-stat(.*) {
alias /var/www/vhosts/system/<website_1>/statistics/$1;
}
location ~ ^/awstats-icon(.*) {
alias /usr/share/awstats/icon/$1;
}
location ~ ^/(.*) {
alias /var/www/vhosts/system/<website_1>/statistics/$1;
}
}
add_header X-Powered-By PleskLin;
include "/var/www/vhosts/system/<website_1>/conf/vhost_Nginx.conf";
}
server {
listen <vps_ip>:80;
server_name www.<website_1>;
location / {
return 301 https://<website_1>$request_uri;
}
}
server {
listen <vps_ip>:80 default_server;
server_name <website_1>;
server_name ipv4.<website_1>;
error_page 400 "/error_docs/bad_request.html";
error_page 401 "/error_docs/unauthorized.html";
error_page 403 "/error_docs/forbidden.html";
error_page 404 "/error_docs/not_found.html";
error_page 500 "/error_docs/internal_server_error.html";
error_page 405 "/error_docs/method_not_allowed.html";
error_page 406 "/error_docs/not_acceptable.html";
error_page 407 "/error_docs/proxy_authentication_required.html";
error_page 412 "/error_docs/precondition_Failed.html";
error_page 414 "/error_docs/request_uri_too_long.html";
error_page 415 "/error_docs/unsupported_media_type.html";
error_page 501 "/error_docs/not_implemented.html";
error_page 502 "/error_docs/bad_gateway.html";
error_page 503 "/error_docs/maintenance.html";
location ^~ /error_docs {
root "/var/www/vhosts/<website_1>";
}
client_max_body_size 128m;
location / {
return 301 https://$host$request_uri;
}
}
# configuration file /var/www/vhosts/system/<website_1>/conf/vhost_Nginx.conf:
location / {
proxy_set_header Accept-Encoding "";
proxy_pass http://0.0.0.0:8080;
}
# configuration file /etc/Nginx/plesk.conf.d/webmails/<website_2>_webmail.conf:
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
server {
listen <vps_ip>:443 ssl;
server_name "webmail.<website_2>";
ssl_certificate /opt/psa/var/certificates/scfETmI6V;
ssl_certificate_key /opt/psa/var/certificates/scfETmI6V;
client_max_body_size 128m;
#extension sslit begin
#extension sslit end
location / {
proxy_pass https://<vps_ip>:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen <vps_ip>:80;
server_name "webmail.<website_2>";
client_max_body_size 128m;
#extension sslit begin
#extension sslit end
location / {
proxy_pass http://<vps_ip>:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
# configuration file /etc/Nginx/plesk.conf.d/webmails/<website_1>_webmail.conf:
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
# Webmail is not enabled on the domain
# Webmail is not enabled on the domain
# configuration file /etc/Nginx/plesk.conf.d/vhosts/<website_2>.conf:
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
server {
listen <vps_ip>:443 ssl;
ssl_certificate /opt/psa/var/certificates/scfETmI6V;
ssl_certificate_key /opt/psa/var/certificates/scfETmI6V;
server_name www.<website_2>;
location / {
return 301 https://<website_2>$request_uri;
}
}
server {
listen <vps_ip>:443 ssl http2;
server_name <website_2>;
server_name ipv4.<website_2>;
ssl_certificate /opt/psa/var/certificates/scfETmI6V;
ssl_certificate_key /opt/psa/var/certificates/scfETmI6V;
error_page 400 "/error_docs/bad_request.html";
error_page 401 "/error_docs/unauthorized.html";
error_page 403 "/error_docs/forbidden.html";
error_page 404 "/error_docs/not_found.html";
error_page 500 "/error_docs/internal_server_error.html";
error_page 405 "/error_docs/method_not_allowed.html";
error_page 406 "/error_docs/not_acceptable.html";
error_page 407 "/error_docs/proxy_authentication_required.html";
error_page 412 "/error_docs/precondition_Failed.html";
error_page 414 "/error_docs/request_uri_too_long.html";
error_page 415 "/error_docs/unsupported_media_type.html";
error_page 501 "/error_docs/not_implemented.html";
error_page 502 "/error_docs/bad_gateway.html";
error_page 503 "/error_docs/maintenance.html";
location ^~ /error_docs {
root "/var/www/vhosts/<website_2>";
}
client_max_body_size 128m;
root "/var/www/vhosts/<website_2>/httpdocs";
access_log "/var/www/vhosts/system/<website_2>/logs/proxy_access_ssl_log";
error_log "/var/www/vhosts/system/<website_2>/logs/proxy_error_log";
#extension letsencrypt begin
location ^~ /.well-kNown/acme-challenge/ {
root /var/www/vhosts/default/htdocs;
types { }
default_type text/plain;
satisfy any;
auth_basic off;
allow all;
location ~ ^/\.well-kNown/acme-challenge.*/\. {
deny all;
}
}
#extension letsencrypt end
#extension sslit begin
#extension sslit end
location ~ /\.ht {
deny all;
}
location ~ ^/(plesk-stat|awstats-icon|webstat|webstat-ssl|ftpstat|anon_ftpstat) {
auth_basic "Domain statistics";
auth_basic_user_file "/var/www/vhosts/system/<website_2>/pd/d..httpdocs@plesk-stat";
autoindex on;
location ~ ^/plesk-stat(.*) {
alias /var/www/vhosts/system/<website_2>/statistics/$1;
}
location ~ ^/awstats-icon(.*) {
alias /usr/share/awstats/icon/$1;
}
location ~ ^/(.*) {
alias /var/www/vhosts/system/<website_2>/statistics/$1;
}
}
location ~ ^/~(.+?)(/.*?\.PHP)(/.*)?$ {
alias /var/www/vhosts/<website_2>/web_users/$1/$2;
fastcgi_split_path_info ^((?U).+\.PHP)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:///var/www/vhosts/system/<website_2>/PHP-fpm.sock";
include /etc/Nginx/fastcgi.conf;
}
location ~ \.PHP(/.*)?$ {
fastcgi_split_path_info ^((?U).+\.PHP)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:///var/www/vhosts/system/<website_2>/PHP-fpm.sock";
include /etc/Nginx/fastcgi.conf;
}
location ~ /$ {
index "index.html" "index.cgi" "index.pl" "index.PHP" "index.xhtml" "index.htm" "index.shtml";
}
add_header X-Powered-By PleskLin;
include "/var/www/vhosts/system/<website_2>/conf/vhost_Nginx.conf";
}
server {
listen <vps_ip>:80;
server_name www.<website_2>;
location / {
return 301 http://<website_2>$request_uri;
}
}
server {
listen <vps_ip>:80;
server_name <website_2>;
server_name ipv4.<website_2>;
error_page 400 "/error_docs/bad_request.html";
error_page 401 "/error_docs/unauthorized.html";
error_page 403 "/error_docs/forbidden.html";
error_page 404 "/error_docs/not_found.html";
error_page 500 "/error_docs/internal_server_error.html";
error_page 405 "/error_docs/method_not_allowed.html";
error_page 406 "/error_docs/not_acceptable.html";
error_page 407 "/error_docs/proxy_authentication_required.html";
error_page 412 "/error_docs/precondition_Failed.html";
error_page 414 "/error_docs/request_uri_too_long.html";
error_page 415 "/error_docs/unsupported_media_type.html";
error_page 501 "/error_docs/not_implemented.html";
error_page 502 "/error_docs/bad_gateway.html";
error_page 503 "/error_docs/maintenance.html";
location ^~ /error_docs {
root "/var/www/vhosts/<website_2>";
}
client_max_body_size 128m;
root "/var/www/vhosts/<website_2>/httpdocs";
access_log "/var/www/vhosts/system/<website_2>/logs/proxy_access_log";
error_log "/var/www/vhosts/system/<website_2>/logs/proxy_error_log";
#extension letsencrypt begin
location ^~ /.well-kNown/acme-challenge/ {
root /var/www/vhosts/default/htdocs;
types { }
default_type text/plain;
satisfy any;
auth_basic off;
allow all;
location ~ ^/\.well-kNown/acme-challenge.*/\. {
deny all;
}
}
#extension letsencrypt end
#extension sslit begin
#extension sslit end
location ~ /\.ht {
deny all;
}
location ~ ^/(plesk-stat|awstats-icon|webstat|webstat-ssl|ftpstat|anon_ftpstat) {
return 301 https://$host$request_uri;
}
location ~ ^/~(.+?)(/.*?\.PHP)(/.*)?$ {
alias /var/www/vhosts/<website_2>/web_users/$1/$2;
fastcgi_split_path_info ^((?U).+\.PHP)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:///var/www/vhosts/system/<website_2>/PHP-fpm.sock";
include /etc/Nginx/fastcgi.conf;
}
location ~ \.PHP(/.*)?$ {
fastcgi_split_path_info ^((?U).+\.PHP)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:///var/www/vhosts/system/<website_2>/PHP-fpm.sock";
include /etc/Nginx/fastcgi.conf;
}
location ~ /$ {
index "index.html" "index.cgi" "index.pl" "index.PHP" "index.xhtml" "index.htm" "index.shtml";
}
add_header X-Powered-By PleskLin;
include "/var/www/vhosts/system/<website_2>/conf/vhost_Nginx.conf";
}
# configuration file /etc/Nginx/fastcgi.conf:
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE Nginx/$Nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only,required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
# https://httpoxy.org/
fastcgi_param HTTP_PROXY "";
# configuration file /var/www/vhosts/system/<website_2>/conf/vhost_Nginx.conf:
location / { return 200 "OK \n"; }
root@localhost:~#
curl -v
curl -v https://<website_2.de>
* Trying <plesk IP>:443...
curl -v <website_2.de>
* TCP_NODELAY set
* Connected to <website_2.de> (<plesk IP>) port 443 (#0)
* ALPN,offering h2
* ALPN,offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT),TLS handshake,Client hello (1):
* TLSv1.3 (IN),Server hello (2):
* TLSv1.3 (IN),Encrypted Extensions (8):
* TLSv1.3 (IN),Certificate (11):
* TLSv1.3 (IN),CERT verify (15):
* TLSv1.3 (IN),Finished (20):
* TLSv1.3 (OUT),TLS change cipher,Change cipher spec (1):
* TLSv1.3 (OUT),Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN,server accepted to use h2
* Server certificate:
* subject: CN=<website_2.de>
* start date: Feb 22 18:06:21 2021 GMT
* expire date: May 23 18:06:21 2021 GMT
* subjectAltName: host "<website_2.de>" matched cert's "<website_2.de>"
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify ok.
* Using HTTP2,server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x565382a48e10)
> GET / HTTP/2
> Host: <website_2.de>
> user-agent: curl/7.68.0
> accept: */*
>
* TLSv1.3 (IN),Newsession Ticket (4):
* TLSv1.3 (IN),Newsession Ticket (4):
* old SSL session ID is stale,removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
< HTTP/2 403
< server: Nginx
< date: Fri,26 Feb 2021 08:37:59 GMT
< content-type: text/html
< content-length: 795
< etag: "6033f929-31b"
<
<!DOCTYPE html>
<html lang="en">
<head>
<Meta charset="utf-8">
<Meta http-equiv="x-ua-compatible" content="ie=edge">
<Meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no">
<title>403 Forbidden</title>
<link rel="stylesheet" href="/error_docs/styles.css">
</head>
<body>
<div class="page">
<div class="main">
<h1>Server Error</h1>
<div class="error-code">403</div>
<h2>Forbidden</h2>
<p class="lead">You do not have permission to access this document.</p>
<hr/>
<p>That's what you can do</p>
<div class="help-actions">
<a href="javascript:location.reload();">Reload Page</a>
<a href="javascript:history.back();">Back to PrevIoUs Page</a>
<a href="/">Home Page</a>
</div>
</div>
</div>
</body>
* Connection #0 to host <website_2.de> left intact
解决方法
我找到了适合我的配置。
首先我选中了nginx设置“代理模式”中的框 我已经设置了代理,不是在 Nginx 中,而是在附加 Apache 指令中 ->“HTTP/HTTPS 附加指令”
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPreserveHost On
<Location "/">
ProxyPass "http://127.0.0.1:9080/"
ProxyPassReverse "http://127.0.0.1:9080/"
</Location>
这奏效了。我可以通过域名访问两个flask网站。