nginx宝塔反向代理配置

2022-06-15 21:14 by 超人联盟 1034 0

#PROXY-START/


location ^~ /

{

    proxy_pass http://xxxxxxxx;

    proxy_set_header Host $host;

    proxy_set_header X-Real-IP $remote_addr;

    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    proxy_set_header REMOTE-HOST $remote_addr;

    proxy_set_header Upgrade $http_upgrade;

    proxy_set_header Connection "upgrade";

    add_header X-Cache $upstream_cache_status;


    #Set Nginx Cache

    

    

    set $static_fileb1iYPjKY 0;

    if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" )

    {

    set $static_fileb1iYPjKY 1;

    expires 12h;

        }

    if ( $static_fileb1iYPjKY = 0 )

    {

    add_header Cache-Control no-cache;

    }

}


#PROXY-END/

下面配置为https

server

{

    listen 80;

listen 443 ssl http2;

    server_name xxx.xxxx.com;

    index index.php index.html index.htm default.php default.htm default.html;

    root /www/wwwroot/xxx.xxxx.com;


    #SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则

    #error_page 404/404.html;

    ssl_certificate    /www/server/panel/vhost/cert/xxx.xxxx.com/fullchain.pem;

    ssl_certificate_key    /www/server/panel/vhost/cert/xxx.xxxx.com/privkey.pem;

    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

    ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;

    ssl_prefer_server_ciphers on;

    ssl_session_cache shared:SSL:10m;

    ssl_session_timeout 10m;

    add_header Strict-Transport-Security "max-age=31536000";

    error_page 497  https://$host$request_uri;


    #SSL-END


    #ERROR-PAGE-START  错误页配置,可以注释、删除或修改

    #error_page 404 /404.html;

    #error_page 502 /502.html;

    #ERROR-PAGE-END


    #PHP-INFO-START  PHP引用配置,可以注释或修改

    #清理缓存规则


    location ~ /purge(/.*) {

        proxy_cache_purge cache_one $host$1$is_args$args;

        #access_log  /www/wwwlogs/xxx.xxxx.com_purge_cache.log;

    }

#引用反向代理规则,注释后配置的反向代理将无效

include /www/server/panel/vhost/nginx/proxy/xxx.xxxx.com/*.conf;


include enable-php-00.conf;

    #PHP-INFO-END


    #REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效

    include /www/server/panel/vhost/rewrite/xxx.xxxx.com.conf;

    #REWRITE-END


    #禁止访问的文件或目录

    location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md)

    {

        return 404;

    }


    #一键申请SSL证书验证目录相关设置

    location ~ \.well-known{

        allow all;

    }


    access_log  /www/wwwlogs/xxx.xxxx.com.log;

    error_log  /www/wwwlogs/xxx.xxxx.com.error.log;

}



评论0

    热门文章


    0.154030s