nginx反向代理实例
有时候主站位于欧洲、加拿大等线路比较远的地区,为了加快国内的访问速度,通常可以用一台美国西海岸的小鸡去做反向代理服务器,加速网站访问,同时顺便也能起到隐藏主站真实IP的目的。
上星期搞了一台KS3C特价独服,机房位于加拿大,国内联通访问速度尚可,移动某些地区速度堪忧,于是决定用一个洛杉矶的小鸡做个反向代理。
除非是需要某些线路直接访问主站,通常建议主站不开https,而在代理小鸡上开启https,下面分为HTTP和HTTPS两个情况给出nginx配置。
- 代理http协议
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
server { listen 80; server_name example.com www.example.com; access_log /data/wwwlogs/example_com_nginx.log combined; index index.html index.htm index.php; if ($host != example.com) { return 301 $scheme://example.com$request_uri; } # 301跳转 location / { proxy_pass http://主站真实IP/; proxy_read_timeout 300; # 下载超时时间 proxy_connect_timeout 300; # 连接超时时间 proxy_redirect off; proxy_set_header X-Forwarded-Proto $scheme; # 用相同的协议转发 proxy_set_header Host $host; # 用相同的域名 proxy_set_header X-Real-IP $remote_addr; # 获取网站访问用户的IP } } |
- 代理https协议
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
server { listen 443; ssl on; ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; server_name example.com www.example.com; access_log /data/wwwlogs/example.com_nginx.log combined; index index.html index.htm index.php; if ($host != example.com) { return 301 $scheme://example.com$request_uri; } include /usr/local/nginx/conf/rewrite/none.conf; location / { proxy_pass http://主站真实IP/; proxy_read_timeout 300; proxy_connect_timeout 300; proxy_redirect off; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; } } |
- 反代Aria2Ng面板
Aria2Ng面板除了通常的80端口传输页面以外,还会通过6800端口定时发送jsonrpc,因此nginx反代配置还需考虑这一点。
注意反代服务器防火墙需开启6800端口。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 |
server { listen 80; listen 6800; server_name aria2.feiqy.com; access_log /data/wwwlogs/aria2.feiqy.com_nginx.log combined; index index.html index.htm index.php; root /data/wwwroot/aria2.feiqy.com; include /usr/local/nginx/conf/rewrite/none.conf; #error_page 404 /404.html; #error_page 502 /502.html; location ~ .*/jsonrpc { proxy_pass http://主站真实IP:6800; proxy_read_timeout 300; proxy_connect_timeout 300; proxy_redirect off; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; } location / { proxy_pass http://主站真实IP/; proxy_read_timeout 300; proxy_connect_timeout 300; proxy_redirect off; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; } } |
本文出自扉启博客,转载时请注明出处及相应链接。
本文永久链接: https://www.feiqy.com/nginx-reverse-proxy/
一条评论
useful !