为什么.cf、.tk 的域名,在 cloudflare 不能套 cdn

169 天前
 paranoiagu
同样的 .com 域名,套 cloudflare 一切正常。但是 .cf 或 .tk 域名,就不行了。用 curl 后,发现总是收到 301 。
response 信息如下:

< HTTP/2 301
< date: Wed, 22 Nov 2023 01:00:08 GMT
< content-type: text/html
< location: https:///
< x-content-type-options: nosniff
< cf-cache-status: DYNAMIC
< report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPKBekwLeQosoxtrt%2BLtvzc3kQRQgzKOGvtAbkJ56rIE0hvwcrt5mlqM%2BA0D4fqhiVj9wERfquGd7HgD56%2BvWbPkeMGzpt%2FKuvxhq7MPdM%2FClb0PwJ5ekgeUsMGLr1w%3D"}],"group":"cf-nel","max_age":604800}
< nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
< server: cloudflare
< cf-ray: 829d3bd42f886385-LHR
< alt-svc: h3=":443"; ma=86400
<
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>
2108 次点击
所在节点    Cloudflare
11 条回复
Conantv2
169 天前
这是 nginx 配置问题吧,nginx 返回了 301 啊,location 是不是你旧网址
knva
169 天前
301 到哪了也不说。
paranoiagu
169 天前
@knva

@Conantv2

location: https:///

域名丢失了。
paranoiagu
169 天前
直接 curl 我的 ip 没问题。套 cf 就完蛋。
Conantv2
169 天前
@paranoiagu 不要只 curl ip ,要带上域名
paranoiagu
169 天前
@Conantv2 带上了,不知道这样带上对不对。

curl -v -k https://xxx.xxx.xxx.xxx/ -H "Host: xxx.xxx.cf"
* Trying xxx.xxx.xxx.xxx:443...
* Connected to xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted h2
* Server certificate:
* subject: CN=*.yp-hq.cf
* start date: Nov 20 09:10:38 2023 GMT
* expire date: Feb 18 09:10:37 2024 GMT
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* using HTTP/2
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: xxx.xxx.cf]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x563df52ebc80)
> GET / HTTP/2
> Host: xxx.xxx.cf
> user-agent: curl/7.88.1
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/2 200
< server: nginx
< date: Wed, 22 Nov 2023 00:59:34 GMT
< content-type: text/html
< strict-transport-security: max-age=31536000; includeSubDomains; preload
<
<html>
<head><title>Index of /</title></head>
<body>
<h1>Index of /</h1><hr><pre><a href="../">../</a>
</pre><hr></body>
</html>
* Connection #0 to host xxx.xxx.xxx.xxx left intact
Conantv2
169 天前
这么看,直接访问倒不会 301 ,你看下日志吧,可能是日志带了某个参数触发的 301
paranoiagu
169 天前
@Conantv2 我也感觉是 nginx 的问题了。我再研究一下,谢谢。
Bateman
169 天前
为什么我托管的网页 由 full strict 改为 flexible 才能正常打开
kingwrcy
169 天前
full strict 是 cf 到你的源站 也是 https,要求你的源站支持 https.
flexible 是 cf 到你的源站是 http

你源站域名没有 https 的话,需要改成 flexible. 不然就是无限 301
rockxsj
169 天前
配置问题,我套了

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/994022

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX