console出现了一个 error: the server responded with a status of 404

Question

搞了一天还没有搞定，周末的一天眼看过去了， google 也不行。先上贴图：

chrome ： https://cl.ly/132h1I2P2U3i 和 https://cl.ly/3t0h2C3t2N2T/an...

firefox ： https://cl.ly/2T3p0X100P3K
network 截图（登陆页面）： https://cl.ly/2H3T3C3d3i3e
cloudflare的301重定向设置截图：https://cl.ly/0n0T003Z1t28

错误显示： Failed to load resource: the server responded with a status of 404 ()

firefox 显示 4 个升级 http 到 https 的请求，我应该如何升级呢？我添加了 add_header Content-Security-Policy upgrade-insecure-requests;这样操作对吗？

自己一开始为了消除 mixed contents 错误，把 nginx 里面的 nginx.conf 的 server ｛｝中添加

server { ...

add_header Content-Security-Policy upgrade-insecure-requests;

...}

请伙伴们指导 环境状态：用了 cloudflare 的 cdn 、ssl和301重定向。

自己的nginx.conf的配置如下：

user  www www;

worker_processes auto;

error_log  /home/wwwlogs/nginx_error.log  crit;

pid        /usr/local/nginx/logs/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;

events
    {
        use epoll;
        worker_connections 51200;
        multi_accept on;
    }

http
    {
         map $http_cf_ipcountry $allow {
        default yes;
        CN yes;
        RU no;
        US yes;
        }
        include       mime.types;
        default_type  application/octet-stream;   
         server_names_hash_bucket_size 128;
        client_header_buffer_size 32k;
        large_client_header_buffers 4 32k;
        client_max_body_size 50m;

        sendfile   on;
        tcp_nopush on;

        keepalive_timeout 60;

        tcp_nodelay on;

        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;
        fastcgi_buffer_size 64k;
        fastcgi_buffers 4 64k;
        fastcgi_busy_buffers_size 128k;
        fastcgi_temp_file_write_size 256k;

        gzip on;
        gzip_min_length  1k;
        gzip_buffers     4 16k;
        gzip_http_version 1.1;
        gzip_comp_level 2;
        gzip_types     text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/xml+rss;
        gzip_vary on;
          gzip_proxied   expired no-cache no-store private auth;
        gzip_disable   "MSIE [1-6]\.";

        #limit_conn_zone $binary_remote_addr zone=perip:10m;
        ##If enable limit_conn_zone,add "limit_conn perip 10;" to server section.

        server_tokens off;
        access_log off;

server
    {
       if ($allow = no) {
    return 403;
      }
         location / {

add_header 'Access-Control-Allow-Origin' 'https://www.mydomain.com';
    }


       add_header Content-Security-Policy upgrade-insecure-requests;
       add_header 'Access-Control-Allow-origin' 'https://www.mydomain.com';
        add_header 'Access-Control-Allow-Methods' 'GET, POST';
        # Cross domain webfont access
location = /favicon.ico { log_not_found off; access_log off; }

location = /robots.txt { log_not_found off; access_log off; allow all; }

location ~* .(ogg|ogv|mp4|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { 
add_header "Access-Control-Allow-Origin" "https://www.mydomain.com";
add_header "Timing-Allow-Origin" "*";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
expires max;
log_not_found off;
}

location ~* .(ttf|ttc|otf|eot|woff|woff2|svg|svgz)$ {
add_header "Access-Control-Allow-Origin" "https://www.mydomain.com";
add_header "Timing-Allow-Origin" "*";
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
expires max;
log_not_found off;
}

        listen 80 default_server;
         listen 443 default_server;
        #listen [::]:80 default_server ipv6only=on;
        server_name www.mydomain.com;
        index index.html index.htm index.php;
        root  /home/wwwroot/default;

        #error_page   404   /404.html;
        include enable-php.conf;
        
        location /nginx_status
        {
            stub_status on;
            access_log   off;
        }

        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }

        location ~ .*\.(js|css)?$
        {
            expires      12h;
        }



        location ~ /\.
        {
            deny all;
        }


        access_log  /home/wwwlogs/access.log;
    }
include vhost/*.conf;
}                                                         
                                                   
                       

nginx里面的error.log显示的大量错误如下：

2017/03/27 11:41:01 [warn] 6809#0: conflicting server name "www.mydomain.com" on 0.0.0.0:80, ignored
2017/03/27 11:45:08 [warn] 6820#0: conflicting server name "www.mydomain.com" on 0.0.0.0:80, ignored
2017/03/27 11:45:08 [notice] 6820#0: signal process started
2017/03/27 11:45:09 [warn] 6825#0: conflicting server name "www.mydomain.com" on 0.0.0.0:80, ignored
2017/03/27 11:54:17 [warn] 6835#0: conflicting server name "www.mydomain.com" on 0.0.0.0:80, ignored
2017/03/27 11:54:17 [notice] 6835#0: signal process started
2017/03/27 11:54:18 [warn] 6840#0: conflicting server name "www.mydomain.com" on 0.0.0.0:80, ignored
2017/03/27 12:34:38 [emerg] 6925#0: duplicate location "/" in /usr/local/nginx/conf/nginx.conf:129
2017/03/27 12:44:33 [emerg] 6940#0: duplicate location "/" in /usr/local/nginx/conf/nginx.conf:129
2017/03/27 12:58:01 [emerg] 6953#0: duplicate location "/" in /usr/local/nginx/conf/nginx.conf:131
2017/03/28 05:22:28 [emerg] 7367#0: duplicate location "/" in /usr/local/nginx/conf/nginx.conf:155
2017/03/28 05:26:29 [emerg] 7381#0: duplicate location "/" in /usr/local/nginx/conf/nginx.conf:155
2017/03/28 05:57:23 [warn] 7394#0: conflicting server name "www.mydomain.com" on 0.0.0.0:80, ignored
2017/03/28 05:57:23 [notice] 7394#0: signal process started
2017/03/28 05:57:24 [warn] 7399#0: conflicting server name "www.mydomain.com" on 0.0.0.0:80, ignored
2017/03/28 05:58:27 [warn] 7409#0: conflicting server name "www.mydomain.com" on 0.0.0.0:80, ignored 

Answer 1

Failed to load resource: the server responded with a status of 404 ()这个是哪个图片文件不存在，与是否是https无关

1. 检查这个文件是否存在

2. 如果存在，可能是location配置有问题，建议贴出完成nginx配置看看

后面的说https升级的这个是个警告，这是因为在https的站点下引用非https的内容是存在安全问题的，解决办法就是采用https的外站资源，一般cdn都是提供了https方式访问的。

Answer 2

讲个故事。

我小时候发现网线和电话接口一毛一样，以为把电话插到电脑的网线接口上就能直接上网了。

你的问题和我的问题一样，加一个add_header Content-Security-Policy upgrade-insecure-requests不顶用，nginx并不会自动给你适配https链接，也不会帮你配https服务端。

你没配置https服务器。

http://www.cnblogs.com/yanghu...

随便搜一下，有很多教程的。https和原来的http配置相比，只需要修改一下端口，然后增加三行配置证书的操作即可。

Answer 3

泻药。

先看直观的问题：

1. 你并没有配置 SSL——虽然监听了 443 端口，可这本质上配置了一个工作在 443 端口上的 http server。所以当 Chrome 以 https:// 协议访问的时候，并没有访问该 server {} 配置。

2. 从下面的日志和 404 的返回推断，/usr/local/nginx/conf/vhost/ 目录下有 SSL 的配置，并且也配置了 server_name www.mydomain.com，这个配置给你返回了 Status 404

解决方案:

1. 格式化代码。这么书写代码太容易出错。

2. 解决配置文件的冲突部分。

3. 找一个 nginx ssl 的配置教程。例如这个: https://www.linode.com/docs/w... 一步步做下来。