Nginx反向代理,转发本地服务器

配置规则

#https
server {      
    listen       443 ssl http2;
    server_name wlcbit.com; 
    ssl_certificate      /www/server/panel/vhost/cert/wlcbit.com/fullchain.pem;    #证书签名路径
    ssl_certificate_key  /www/server/panel/vhost/cert/wlcbit.com/privkey.pem;      #证书密钥路径
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;
    
    add_header Content-Security-Policy "upgrade-insecure-requests";                 #跨域
    add_header Cache-Control no-cache;                                              #禁止缓存
    add_header Pragma no-cache;
    add_header Expires 0;
	
    #跳转
    location / {
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        # proxy_set_header Upgrade-Insecure-Requests 1;
        # proxy_set_header X-Forwarded-Proto https;
        proxy_pass https://被转发的IP:https端口;
    }
}

#http 
server{
    listen 80;
    server_name wlcbit.com;
    # return 301 https://$server_name$request_uri;
    add_header Content-Security-Policy "upgrade-insecure-requests";
    location / {
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://被转发的IP:http端口;
    }
}

 

© 版权声明
THE END
喜欢就支持一下吧
点赞0 分享
评论 抢沙发
头像
欢迎您留下宝贵的见解!
提交
头像

昵称

取消
昵称表情代码图片

    暂无评论内容