nginx反代网站实例整理验证

建站交流2年前 (2023-06-07)2960

测试实例一反代443端口,代码如下

server {

server_name aa.bb.org;

#SSL Configuration

listen 443 ssl;

listen [::]:443 ssl;

ssl_certificate /aa.cer;

ssl_certificate_key /aa.key;

ssl_session_timeout 5m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;

ssl_prefer_server_ciphers on;

if ($scheme = http) {

return 301 https://$server_name$request_uri;

}

# proxy to another site

location ~/ {

proxy_pass https://hostloc.com;

proxy_set_header Host hostloc.com;

proxy_set_header X-Real-IP 1.1.1.1;

proxy_set_header X-Forwarded-For 1.1.1.1;

proxy_set_header REMOTE-HOST 1.1.1.1;

proxy_set_header referer https://hostloc.com/$request_uri;

proxy_set_header Accept-Encoding "";

proxy_set_header User-Agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0";

sub_filter_types *;

sub_filter '<base href="https://hostloc.com/">' '<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"><link rel="stylesheet" type="text/css" href="//cdn.jsdelivr.net/gh/lifespy/css-and-js-hub/css/responsive.css" />';

sub_filter 'hostloc.com' 'aa.bb.org';

sub_filter '</body>' '<script src="//cdn.jsdelivr.net/gh/lifespy/css-and-js-hub/js/polish.js"></script></body>';

sub_filter_once off;

set $static_fileEJLfi5A0 0;

if ( $uri ~* "\\.(gif|png|jpg|css|js|woff|woff2)$" )

{

set $static_fileEJLfi5A0 1;

expires 12h;

}

if ( $static_fileEJLfi5A0 = 0 )

{

add_header Cache-Control no-cache;

}

}

 

}

反代实例二反代80端

server

    {

        listen 80;

        #listen [::]:80;

        server_name aa.bb.com ;//需要访问的域名

        #如果需要http 301跳转到 https 需要将下面行前面的 # 注释去掉,并重载nginx

        #return 301 https://t2.liwuboy.com$request_uri;

       

        #resolver        8.8.8.8;

        #新增下面两行密码访问配置

        auth_basic "Please input password"; #这里是验证时的提示信息

        auth_basic_user_file /usr/local/nginx/conf/htpasswd;

        location / {

            proxy_pass https://hostloc.com;

            proxy_set_header Referer "https://hostloc.com/";

            proxy_set_header Host hostloc.com;

            proxy_set_header X-Real-IP $remote_addr;

            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

            proxy_set_header REMOTE-HOST $remote_addr;


            add_header X-Cache $upstream_cache_status;


            #Set Nginx Cache


            proxy_set_header Accept-Encoding "";

            add_header Access-Control-Allow-Origin *;

            sub_filter_types text/css text/xml text/javascript application/javascript application/json;

            sub_filter '"//' '"https://';

            sub_filter "hostloc.com" "aa.bb.com";

            sub_filter "www.hostloc.com" "aa.bb.com";

            sub_filter "主机" "煮鸡";

            sub_filter "用户组: 论坛元老" "用户组: 管理员";

            sub_filter_once off;

       

       

            set $static_fileCz06CWLw 0;

            if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" )

            {

                    set $static_fileCz06CWLw 1;

                    expires 12h;

                }

            if ( $static_fileCz06CWLw = 0 )

            {

                add_header Cache-Control no-cache;

            }

        }


        access_log off;

    }


标签: nginx反代

发表评论

访客

看不清,换一张

◎欢迎参与讨论,请在这里发表您的看法和观点。