跳转到帖子

lnmp环境包(军哥)nginx反代规则

剑弗Discourse中发布的帖子

· 7次查看

location / {
        proxy_pass http://0.0.0.0:10443;  # 设置反向代理到目标地址
        proxy_set_header Host $host;       # 转发 Host 头
        proxy_set_header X-Real-IP $remote_addr;  # 转发客户端真实 IP
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  # 转发客户端 IP
        proxy_set_header X-Forwarded-Proto $scheme;  # 转发协议
    }
  •
    0

    1篇意见

    推荐意见

    星耀道人

    剑弗

    网站管理

    • 网站管理

    实例配置文件(NGINX)

    server
    {
        listen 80;
        #listen [::]:80;
        server_name claw.chat ;
        index index.html index.htm index.php default.html default.htm default.php;
        root  /home/wwwroot/claw.chat;

        #include rewrite/claw.chat.conf;
        #error_page   404   /404.html;

        # Deny access to PHP files in specific directory
        #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

        include enable-php-pathinfo.conf;

        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }

        location ~ .*\.(js|css)?$
        {
            expires      12h;
        }

        location ~ /.well-known {
            allow all;
        }

        location ~ /\.
        {
            deny all;
        }

        location / {
            return 301 https://$host$request_uri;
        }

        access_log off;
    }

server
    {
        listen 443 ssl;
        http2 on;
        #listen [::]:443 ssl http2;
        server_name claw.chat ;
        index index.html index.htm index.php default.html default.htm default.php;
        root  /home/wwwroot/claw.chat;

        ssl_certificate /usr/local/nginx/conf/ssl/claw.chat/fullchain.cer;
        ssl_certificate_key /usr/local/nginx/conf/ssl/claw.chat/claw.chat.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
        ssl_session_cache builtin:1000 shared:SSL:10m;
        # openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
        ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;

        include rewrite/claw.chat.conf;
        #error_page   404   /404.html;

        # Deny access to PHP files in specific directory
        #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

        include enable-php-pathinfo.conf;

        location ^~ / {
        proxy_pass https://0.0.0.0:10443;  # 设置反向代理到目标地址
        proxy_set_header Host $host;       # 转发 Host 头
        proxy_set_header X-Real-IP $remote_addr;  # 转发客户端真实 IP
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  # 转发客户端 IP
        proxy_set_header X-Forwarded-Proto $scheme;  # 转发协议
        }

        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }

        location ~ .*\.(js|css)?$
        {
            expires      12h;
        }

        location ~ /.well-known {
            allow all;
        }

        location ~ /\.
        {
            deny all;
        }

        access_log off;
    }
  • 引用
    • 游客
    添加意见…