ky818smKy818sm  2023-10-26 13:37 123ppp资源网 隐藏边栏 |   抢沙发  6 
文章评分 0 次,平均分 0.0

lnmp环境网站反向代理设置模板,留以后参考
按此设置后,图片、js、css等一些资源无法访问,需要修改!


server
    {
        listen 80;
        #listen [::]:80;
        server_name example.com www.example.com;

        #如果需要http 301跳转到 https 需要将下面行前面的 # 注释去掉,并重载nginx
        #return 301 https://$host$request_uri;

        location / {
            proxy_pass http://127.0.0.1:3000;
            proxy_http_version    1.1;
            proxy_cache_bypass    $http_upgrade;
            proxy_set_header Upgrade            $http_upgrade;
            proxy_set_header Connection         "upgrade";
            proxy_set_header Host               $host;
            proxy_set_header X-Real-IP          $remote_addr;
            proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto  $scheme;
            proxy_set_header X-Forwarded-Host   $host;
            proxy_set_header X-Forwarded-Port   $server_port;
        }

        access_log off;
    }

server
    {
        listen 443 ssl http2;
        #listen [::]:443 ssl http2;
        server_name example.com www.example.com;

        ssl_certificate /usr/local/nginx/conf/ssl/example.com.crt;
        ssl_certificate_key /usr/local/nginx/conf/ssl/example.com.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
        ssl_session_cache builtin:1000 shared:SSL:10m;
        # openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
        ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;

        location / {
            proxy_pass http://127.0.0.1:3000;
            proxy_http_version    1.1;
            proxy_cache_bypass    $http_upgrade;
            proxy_set_header Upgrade            $http_upgrade;
            proxy_set_header Connection         "upgrade";
            proxy_set_header Host               $host;
            proxy_set_header X-Real-IP          $remote_addr;
            proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto  $scheme;
            proxy_set_header X-Forwarded-Host   $host;
            proxy_set_header X-Forwarded-Port   $server_port;
        }

        access_log off;
    }

本文为原创文章,版权归所有,欢迎分享本文,转载请保留出处!

声明:如果本站发布的内容侵犯到您的权益,请通过邮件【[email protected]】联系本站,我们将及时删除!

你可能也喜欢

热评文章

上一篇
下一篇

发表评论

表情 格式 链接 私密 签到