Moodle 3.7&Apache和反向代理结果ERR_TOO_MANY_REDIRECTS

问题描述 投票:0回答:1

带有反向代理结果ERR_TOO_MANY_REDIRECTS的Moodle 3.7 Apache。

我有一个带有以下vhosts文件的SSL站点:

<VirtualHost *:80>
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>     


<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName moodle.site.com:443

SSLEngine on
SecAuditEngine On
RewriteEngine On

    ProxyPreserveHost On
    ProxyPass / http://101.102.103.104:80/
    ProxyPassReverse / http://101.102.103.104:80/

</VirtualHost>                                  
</IfModule>

我还将所有80个端口请求都重定向到SSL端口。

命令

curl -I https://moodle.site.com/

结果:

HTTP/1.1 303 See Other
Date: Fri, 09 Aug 2019 19:13:33 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000; includeSubDomains
Location: https://moodle.site.com
Content-Language: en
Content-Type: text/html; charset=UTF-8

在Moodle config.php中,我有:

$CFG->wwwroot   = 'https://moodle.site.com';
$CFG->reverseproxy = true;
$CFG->sslproxy  = 1;

[当我尝试打开https://moodle.site.com URL时,为什么我会在Google Chrome浏览器中看到“ ERR_TOO_MANY_REDIRECTS”错误?

apache reverse-proxy moodle
1个回答
0
投票

我有4个问题,所以我必须解决它们(命令行命令应以root身份执行或使用sudo):

1] mod_ssl Apache模块未激活。如果mod_ssl是活动的,请在命令行中进行测试:

apache2ctl -M | grep ssl

应该显示它(如果激活):

ssl_module (shared)

FIX(在命令行中启用mod_ssl):

a2enmod ssl
# Considering dependency setenvif for ssl:
# Module setenvif already enabled
# Considering dependency mime for ssl:
# Module mime already enabled
# Considering dependency socache_shmcb for ssl:
# Enabling module socache_shmcb.
# Enabling module ssl.
# See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates.
# To activate the new configuration, you need to run:
# systemctl restart apache2

2)我在Apache SSL conf文件中使用Header指令,如下所示:

# Guarantee HTTPS for 180 days including sub domains 
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains"

由于此mod_headers Apache模块是必需的,因此未激活。如果mod_headers是否处于活动状态,请在命令行中进行测试:

apache2ctl -M | grep headers

应该显示它(如果激活):

headers_module (shared)

FIX(在命令行中启用mod_headers):

a2enmod headers

3)我必须在Apache vhost conf文件中使用https ProxyPass URL代替http:

错误:

ProxyPass / http://101.102.103.104:80/
ProxyPassReverse / http://101.102.103.104:80/

GOOD:

ProxyPass / https://101.102.103.104/
ProxyPassReverse / https://101.102.103.104/

4)必须打开SSLProxyEngine指令以在Apache vhost conf文件的ProxyPass中使用SSL。

FIX:在/etc/apache2/sites-available/myvhost.conf中添加了SSLProxyEngine

SSLProxyEngine on
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.