drvxnivoqf17568697 2018-10-13 02:28
浏览 72

nginx拒绝从网站申请样式

Completely new to nginx and need some guidance. I am supporting a new site that the business named one thing during development and then purchased a different hostname. and the application of css is being refused. This is a live production site so it's accessible @ https://mh.lhfs.com. The test server (different machine) and the local dev server are working properly so I'm assuming it's server related. Any help would be appreciated.

Here is the configuration file. The prior developer loved copy and paste. I cleaned up the Content-Security-Policy section but it didn't resolve the issue.

    server {
    listen 80;
   # listen [::]:80 default_server ipv6only=on;

    root /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com;
    index index.php index.html index.htm;

    listen 443 ssl;
    listen [::]:443 ssl;

    server_name mh.lhfs.com;
    #server_name localhost;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

   #return 301 https://$server_name$request_uri;

    server_tokens off;
    add_header X-Frame-Options SAMEORIGIN;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' data:; style-src 'self' 'unsafe-inline' data:; frame-src img-src 'self' font-src 'self' default-src 'self' object-src 'none' https://*.typekit.net https://mh.lhfs.com https://lhfs.com https://mortgage.lhfs.com https://cdn.lhfs.com https://lhfs.com https://lhfscdn.com https://seal-goldengate.bbb.org http://seal-goldengate.bbb.org https://*.mylivechat.com https://mylivechat.com https://code.jquery.com https://maxcdn.bootstrapcdn.com http://ajax.googleapis.com http://www.google-analytics.com http://www.google.com http://ajax.googleapis.com https://maps.googleapis.com https://ssl.google-analytics.com https://maps.googleapis.com https://fonts.googleapis.com https://themes.googleusercontent.com https://tautt.zendesk.com https://assets.zendesk.com https://connect.facebook.net https://s-static.ak.facebook.com https://www.facebook.com https://s-static.ak.facebook.com http://0.gravatar.com https://www.gstatic.com http://1.gravatat.com https://fonts.gstatic.com https://maps.gstatic.com https://csi.gstatic.com";

    add_header Access-Control-Allow-Origin "*";

   #try_files $uri $uri/ =404;
   #try_files $uri $uri/ /index.php?$args;

   access_log  /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/access.log;
   error_log /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/error.log;

   error_page 404 /404.html;
   error_page 500 502 503 504 /50x.html;
   location = /50x.html {
        root /usr/share/nginx/html;
   }

    location ~ \.php$ {
       root /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com;         
       try_files $uri =404;
       fastcgi_split_path_info ^(.+\.php)(/.+)$;
       fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
       fastcgi_index index.php;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       include fastcgi_params;
       fastcgi_read_timeout 300;
    }

    ssl_certificate /var/www/vhosts/system/sslcerts/cert-lhfscom/lhfs.com.chained.crt;
    ssl_certificate_key /var/www/vhosts/system/sslcerts/cert-lhfscom/lhfscom_frommt.key;

    ssl_dhparam /etc/nginx/ssl/dhparam.pem;

    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /var/www/vhosts/system/sslcerts/cert-lhfscom/lhfs.com.chained.crt;

    try_files $uri $uri/ /index.php?$args;

    access_log  /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/access.log;
    error_log /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com/logs/error.log;

    location ~ \.php$ {
       root /var/www/vhosts/lhfs.com/webpages/manufactured.lhfs.com;         
       try_files $uri =404;
       fastcgi_split_path_info ^(.+\.php)(/.+)$;
       fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
       fastcgi_index index.php;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       include fastcgi_params;
       fastcgi_read_timeout 300;
    }

}

UPDATE 1:

I tried a few different things I saw in other posts but they didn't help

  • I removed the type='text/css'from the style sheet declaration in the index.php file but I had the same results.
  • I checked the mime.types config file and the types were defined.
  • I checked the nginx.config and verified that that mime.types config was being included.

I might add this is not the only site on this server that delivers these errors. All of them do to some extent. one difference is that this site has the css on the site path. The other sites don't have a problem displaying the css. The developer decided to reference css style sheets from another servers WordPress site. (Don't ask! Everyone, want's all of their sites to break if one goes offline don't they? One reason he's not around any longer.)

UPDATE 2: I decided to comment out the CSP section and try again. The site loaded successfully. I will leave this off for a while I Investigate further. It appears to be configured properly but apparently, it is not. Please post if you have any ideas as to what would be causing the problem in the section.

  • 写回答

0条回答 默认 最新

    报告相同问题?

    悬赏问题

    • ¥30 这是哪个作者做的宝宝起名网站
    • ¥60 版本过低apk如何修改可以兼容新的安卓系统
    • ¥25 由IPR导致的DRIVER_POWER_STATE_FAILURE蓝屏
    • ¥50 有数据,怎么建立模型求影响全要素生产率的因素
    • ¥50 有数据,怎么用matlab求全要素生产率
    • ¥15 TI的insta-spin例程
    • ¥15 完成下列问题完成下列问题
    • ¥15 C#算法问题, 不知道怎么处理这个数据的转换
    • ¥15 YoloV5 第三方库的版本对照问题
    • ¥15 请完成下列相关问题!