python - nginx 小白, nginx 启动后 80 端口无法访问
问题描述
环境:阿里云 centos7
flask web 应用, gunicorn 已经启动,访问ip:8888正常访问
nginx 正常启动,无法直接访问 ip ,浏览器显示: This site can ’ t be reached
我有两个配置文件conf/nginx.conf, site-enable/kaoshixing.conf,内容分别如下:
user root;worker_processesauto;# worker_cpu_affinity auto;error_log /home/admin/kaoshixing/nginx/logs/error.log;pid /home/admin/kaoshixing/nginx/logs/nginx.pid;worker_rlimit_nofile 65535;events { use epoll; worker_connections 20480;}http { include mime.types; default_type application/octet-stream; fastcgi_intercept_errors on; log_format milog ’$server_addrt$hostnamet$remote_addrt$http_x_forwarded_fort$time_localt$request_urit$request_lengtht$bytes_sentt$request_timet$statust$upstream_addrt$upstream_cache_statust$upstream_response_timet$http_user_agentt’; ####full-format log for debug log_format debug_log ’$remote_addrt$server_addrt$hostnamet$time_localt$hostt$requestt$statust$body_bytes_sentt$http_referert$http_user_agentt$http_x_forwarded_fort$request_urit$request_lengtht$bytes_sentt$request_bodyt$request_timet$upstream_response_timet$upstream_addrt$upstream_cache_status’; access_log /home/admin/kaoshixing/log/nginx/access.log milog; sendfileon; keepalive_timeout 65; client_max_body_size 120m; server_names_hash_bucket_size 128; proxy_headers_hash_bucket_size 128; proxy_headers_hash_max_size 8192; proxy_connect_timeout 10; proxy_read_timeout 120; proxy_send_timeout 120; proxy_buffer_size16k; proxy_buffers 4 64k; proxy_busy_buffers_size 128k; proxy_temp_file_write_size 128k; gzip on; gzip_types application/json application/x-json text/plain application/x-javascript text/css text/javascript application/xml text/xml image/jpeg image/gif image/png; gzip_proxied expired no-cache no-store private auth; gzip_min_length 1k; gzip_buffers 16 64k; gzip_http_version 1.1; gzip_comp_level 6; gzip_vary on; limit_req_zone $server_port zone=tp:500m rate=1700r/s; limit_req_zone $server_port zone=tps:500m rate=1100r/s; limit_req_zone $binary_remote_addr zone=tip:500m rate=100r/s; include /home/admin/kaoshixing/nginx/site-enable/*.conf;}
*
upstream kaoshixing.com_backend{ server 0.0.0.0:8888 weight=1 max_fails=2 fail_timeout=30s;}server { listen 80; server_name www.kaoshixing.com; access_log /home/admin/kaoshixing/nginx/logs/ksxing.com.log milog; location / { proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; proxy_pass http://kaoshixing.com_backend; }}server { listen 443 ssl; server_name www.kaoshixing.com; access_log /home/admin/kaoshixing/nginx/logs/ksxing.com.log milog; ssl on; ssl_certificate ssl/kaoshixing.com.crt; ssl_certificate_key ssl/kaoshixing.com.key; ssl_session_cache shared:SSL:80m; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; ssl_prefer_server_ciphers on; location / { proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; proxy_pass http://kaoshixing.com_backend; proxy_redirect http://www.kaoshixing.com https://www.kaoshixing.com; }}server { listen 80; server_name kaoshixing.com; access_log /home/admin/kaoshixing/nginx/logs/ksxing.com.log milog; location / { rewrite ^(.*) http://www.$host$1 redirect; }}
问题解答
回答1:有试过nginx -t检查配置文件是否正确么
回答2:看你这http和https都配置了相同的server_name。 试试看将80端口也配置到https中,看看行不行server {listen 80;listen 443 ssl;......}
回答3:因为你设置了 server_name ,所以nginx只监听域名,不监听ip。换句话说,nginx不知道自己的外网ip,它会从配置文件中获得信息。简单的解决办法是删除 server_name 。也可以这样 server_name 1.1.1.1 www.kaoshixing.com; 只是这样就不能泛域名解析了。
回答4:因为你在所有server块都设置了server_name,当浏览器访问时,nginx会一个个匹配server_name,如果都不匹配(用ip访问),nginx就会使用default_server,但你没设置default_server,问题可能就出在这,把一个server块改成这样试试?
server { listen 80 default_server; server_name www.kaoshixing.com;
(还有就是80端口可能被其他程序占用着)
回答5:考虑阿里云的安全策略以及CentOS7的防火墙策略.CentOS7默认是不开放80端口的.
回答6:确认下是配置问题导致nginx起不来 还是外网telnet 80不通。我遇到的一般是防火墙设置的或者80被默认vps装的apache占用。
回答7:国内云厂商的80端口都需要备案才能放通的。另外单独检查一下安全组策略和VPC的防火墙什么的。
网公网安备