nginx反代网站实例整理验证
测试实例一反代443端口,代码如下
server {
server_name aa.bb.org;
#SSL Configuration
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /aa.cer;
ssl_certificate_key /aa.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
# proxy to another site
location ~/ {
proxy_pass https://hostloc.com;
proxy_set_header Host hostloc.com;
proxy_set_header X-Real-IP 1.1.1.1;
proxy_set_header X-Forwarded-For 1.1.1.1;
proxy_set_header REMOTE-HOST 1.1.1.1;
proxy_set_header referer https://hostloc.com/$request_uri;
proxy_set_header Accept-Encoding "";
proxy_set_header User-Agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0";
sub_filter_types *;
sub_filter '<base href="https://hostloc.com/">' '<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"><link rel="stylesheet" type="text/css" href="//cdn.jsdelivr.net/gh/lifespy/css-and-js-hub/css/responsive.css" />';
sub_filter 'hostloc.com' 'aa.bb.org';
sub_filter '</body>' '<script src="//cdn.jsdelivr.net/gh/lifespy/css-and-js-hub/js/polish.js"></script></body>';
sub_filter_once off;
set $static_fileEJLfi5A0 0;
if ( $uri ~* "\\.(gif|png|jpg|css|js|woff|woff2)$" )
{
set $static_fileEJLfi5A0 1;
expires 12h;
}
if ( $static_fileEJLfi5A0 = 0 )
{
add_header Cache-Control no-cache;
}
}
}
反代实例二反代80端
server
{
listen 80;
#listen [::]:80;
server_name aa.bb.com ;//需要访问的域名
#如果需要http 301跳转到 https 需要将下面行前面的 # 注释去掉,并重载nginx
#return 301 https://t2.liwuboy.com$request_uri;
#resolver 8.8.8.8;
#新增下面两行密码访问配置
auth_basic "Please input password"; #这里是验证时的提示信息
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
location / {
proxy_pass https://hostloc.com;
proxy_set_header Referer "https://hostloc.com/";
proxy_set_header Host hostloc.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
add_header X-Cache $upstream_cache_status;
#Set Nginx Cache
proxy_set_header Accept-Encoding "";
add_header Access-Control-Allow-Origin *;
sub_filter_types text/css text/xml text/javascript application/javascript application/json;
sub_filter '"//' '"https://';
sub_filter "hostloc.com" "aa.bb.com";
sub_filter "www.hostloc.com" "aa.bb.com";
sub_filter "主机" "煮鸡";
sub_filter "用户组: 论坛元老" "用户组: 管理员";
sub_filter_once off;
set $static_fileCz06CWLw 0;
if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" )
{
set $static_fileCz06CWLw 1;
expires 12h;
}
if ( $static_fileCz06CWLw = 0 )
{
add_header Cache-Control no-cache;
}
}
access_log off;
}