django + nginx https 리디렉션 쇼 (414 Request-URI Too Large)

Question

https로 nginx 리디렉션을 해결하려고하는데 www.ozkandurakoglu.com을 사용할 때 414 Request-URI가 너무 큽니다. nginx에 대한 제 설정은 다음과 같습니다.

upstream ozkan_server { 
    server unix:/home/ytsejam/public_html/ozkansimple/run/gunicorn.sock fail_timeout=10s; 
} 

server { 
    listen 80; 
    server_name ozkandurakoglu.com www.ozkandurakoglu.com; 
    return 301 $scheme:https://ozkandurakoglu.com$request_uri; 
} 
server { 
    listen 443 ssl; 
    listen [::]:443 ssl; 
    ssl on; 
    ssl_certificate /etc/letsencrypt/live/ozkandurakoglu.com/fullchain.pem; 
    ssl_certificate_key /etc/letsencrypt/live/ozkandurakoglu.com/privkey.pem; 
    ssl_trusted_certificate /etc/letsencrypt/live/ozkandurakoglu.com/chain.pem; 
    ssl_session_timeout 1d; 
    ssl_session_cache shared:SSL:50m; 
    ssl_session_tickets off; 
    ssl_prefer_server_ciphers on; 
    add_header Strict-Transport-Security max-age=15768000; 
    ssl_stapling on; 
    ssl_stapling_verify on; 
    server_name www.ozkandurakoglu.com; 
    return 301 $scheme:https://ozkandurakoglu.com$request_uri; 
} 
server { 
    listen 443 ssl; 
    listen [::]:443 ssl; 
    ssl on; 
    ssl_certificate /etc/letsencrypt/live/ozkandurakoglu.com/fullchain.pem; 
    ssl_certificate_key /etc/letsencrypt/live/ozkandurakoglu.com/privkey.pem; 
    ssl_trusted_certificate /etc/letsencrypt/live/ozkandurakoglu.com/chain.pem; 
    ssl_session_timeout 1d; 
    ssl_session_cache shared:SSL:50m; 
    ssl_session_tickets off; 
    ssl_prefer_server_ciphers on; 
    add_header Strict-Transport-Security max-age=15768000; 
    ssl_stapling on; 
    ssl_stapling_verify on; 
    server_name www.ozkandurakoglu.com ozkandurakoglu.com; 
    client_max_body_size 4G; 
    root /home/ytsejam/public_html/ozkansimple/; 
    access_log /home/ytsejam/public_html/ozkansimple/logs/nginx-access.log; 
    error_log /home/ytsejam/public_html/ozkansimple/logs/nginx-error.log warn; 
    large_client_header_buffers 6 16k; 
... 
} 

도와 주시겠습니까?

감사

Answer 1

나는 모두의 nginx을 변경하고 내가 내 질문에 언급하지 않았다 gunicorn했기 때문에 나는 내 질문에 대답, 내 서버 블록

server { 
    listen 80; 
    server_name ozkandurakoglu.com www.ozkandurakoglu.com; 
    return 301 https://ozkandurakoglu.com$request_uri; 
} 

에 $cheme를 제거하고

를 추가했다

limit_request_line 

--limit-request-line INT 
4094 
The maximum size of HTTP request line in bytes. 

내 gunicorn 시작 줄.

편집 : // ozkandurakoglu.com $ request_uri`가 아닌`(301)를 반환 : 올바른 설정 후 마지막 날은 여기

server { 
     listen 80; 
     server_name ozkandurakoglu.com www.ozkandurakoglu.com; 
     return 301 https://www.ozkandurakoglu.com$request_uri; 
} 
server { 
    listen 443 ssl http2; 
    server_name ozkandurakoglu.com; 
    return 301 https://www.ozkandurakoglu.com$request_uri; 
} 
server { 
    listen 443 ssl http2; 
    server_name www.ozkandurakoglu.com; 

    access_log /var/log/nginx/ozkandurakoglu.com.access.log; 
    error_log /var/log/nginx/ozkandurakoglu.com.error.log; 

    ssl_certificate   /etc/letsencrypt/live/www.ozkandurakoglu.com/fullchain.pem; 
    ssl_certificate_key  /etc/letsencrypt/live/www.ozkandurakoglu.com/privkey.pem; 
    ssl_trusted_certificate /etc/letsencrypt/live/www.ozkandurakoglu.com/chain.pem; 

    ssl_session_timeout 1d; 
    ssl_session_cache shared:SSL:64m; 
    ssl_session_tickets off; 

    ssl_protocols TLSv1.2; 
    ssl_prefer_server_ciphers on; 
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-$ 
    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"; 
    ssl_stapling on; 
    ssl_stapling_verify on; 
    add_header X-Frame-Options DENY; 
    add_header X-Content-Type-Options "nosniff" always; 
    add_header X-XSS-Protection "1; mode=block"; 
    add_header Referrer-Policy no-referrer-when-downgrade; 
    #add_header Content-Security-Policy "default-src https:"; 

    resolver 8.8.8.8 8.8.4.4; 
    resolver_timeout 5s; 

    client_max_body_size 4G; 

... }