求助大佬,为什么我配置的web只有电信可以访问?

如题,折腾了好久才来求助大佬们
配好https就只有电信可以访问, 联通和移动访问不了

以下是nginx配置


user  root;
worker_processes auto;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {

    sendfile on;
    tcp_nopush on;
    types_hash_max_size 2048;

    include       mime.types;
    default_type  application/octet-stream;
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  300;
    

    gzip  on;

    upstream server {
        ip_hash;
        server 127.0.0.1:1992;
    }

    upstream monitor-admin {
        server 127.0.0.1:9090;
    }

    upstream powerjob-server {
        server 127.0.0.1:7700;
    }

    server {
        listen 443 ssl;
	    server_name mcd.mljx.store;
        #请填写证书文件的相对路径或绝对路径
        ssl_certificate /etc/nginx/cert/mcd.mljx.store.pem; 
        #请填写私钥文件的相对路径或绝对路径
        ssl_certificate_key /etc/nginx/cert/mcd.mljx.store.key; 
        ssl_session_timeout 5m;
        #请按照以下协议配置
        ssl_protocols TLSv1.2 TLSv1.3; 
        #请按照以下套件配置,配置加密套件,写法遵循 openssl 标准。
        ssl_ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;
        ssl_prefer_server_ciphers on;
	location / {
           root   /root/project/purchase/takeout;
           try_files $uri $uri/ /index.html;
           index  index.html index.htm;
        }
    }
	
    server {
        listen       443 ssl;
        server_name  www.minc.store;

        ssl_certificate      /etc/nginx/cert/minc.store_bundle.crt;
        ssl_certificate_key  /etc/nginx/cert/minc.store.key;
        ssl_session_cache   shared:SSL:1m;
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location ~ ^(/[^/]*)?/actuator(/.*)?$ {
            return 403;
        }

        location / {
            root   /root/project/purchase/web;
            try_files $uri $uri/ /index.html;
            index  index.html index.htm;
        }

        location /prod-api/ {
	    proxy_read_timeout 300s; # 设置为300秒
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header REMOTE-HOST $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            # websocket参数
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_pass http://server/;
        }

        # https 会拦截内链所有的 http 请求 造成功能无法使用
        # 解决方案1 将 admin 服务 也配置成 https
        # 解决方案2 将菜单配置为外链访问 走独立页面 http 访问
        location /admin/ {
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header REMOTE-HOST $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://monitor-admin/admin/;
        }

        # https 会拦截内链所有的 http 请求 造成功能无法使用
        # 解决方案1 将 powerjob 服务 也配置成 https
        # 解决方案2 将菜单配置为外链访问 走独立页面 http 访问
        location /powerjob/ {
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header REMOTE-HOST $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://powerjob-server/;
        }

        # 解决 powerjob 代理之后静态文件无法访问的问题 请勿修改乱动
        location ~ ^/(js|css|jpg|png|svg|woff|ttf|ico|img)/ {
            proxy_pass http://powerjob-server;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

3 Likes

看一下
访问策略 有没有限制

2 Likes

有没有可能DNS解析,被其他运营商拉黑了。

3 Likes

我也不太懂这些, 提交工单上去腾讯那边一直踢皮球

2 Likes

切换不同的网络测试一下,或者用工具https://tools.ipip.net/dns.php测试一下不同的运营商。就知道是不是运营商的问题了,和你的配置无关。

3 Likes

感觉是被运营商block了

和本地配置没关系。

From 快问快答 to 开发调优