首页 > 系统相关 >Nginx通过https方式反向代理的简单实现

Nginx通过https方式反向代理的简单实现

时间:2024-11-22 16:56:34浏览次数:1  
标签:index http nginx 1.8 Nginx 反向 proxy https root

1)nginx的反向代理:proxy_pass 2)nginx的负载均衡:upstream

下面是nginx的反向代理和负载均衡的实例:

负载机:A机器:103.110.186.8/192.168.1.8 后端机器1:B机器:192.168.1.102 后端机器2:C机器:192.168.1.103

需求: 1)访问A机器的8080端口,反向代理到B机器的8080端口; 访问A机器的8088端口,反向代理到C机器的8088端口; 访问http://103.110.86.8:8090/ios,反向代理到B机器http://192.168.1.102:8090/ios/

2)访问A机器的80端口,负载均衡到后端的两台机器B和C的80端口

操作记录: -------------------------------------------------------------------------------------- 负载机:A机器上的操作记录: 1)编译安装nginx [root@opd ~]# yum install -y pcre* openssl* gcc gcc+ [root@opd ~]# cd /opt/src [root@src ~]# wget http://nginx.org/download/nginx-1.8.0.tar.gz [root@src ~]# tar -zxvf nginx-1.8.0.tar.gz [root@src ~]# cd nginx-1.8.0 #添加www用户,其中-M参数表示不添加用户家目录,-s参数表示指定shell类型

[[email protected] ~]#useradd www -M -s /sbin/nologin [[email protected] ~]#vim auto/cc/gcc #将这句注释掉 取消Debug编译模式 大概在179行 #CFLAGS="$CFLAGS -g"

#我们再配置下nginx编译参数 [[email protected] ~]# ./configure --prefix=/opt/nginx --user=www --group=www --with-http_stub_status_module --with-http_ssl_module [[email protected] ~]#make [[email protected] ~]#make install clean

2)配置nginx [[email protected] ~]# cd /opt/nginx/conf [[email protected] conf]# vim nginx.conf         //这个可以作为nginx安装后的配置规范

代码语言:javascript 复制 
http {
    include       mime.types;
    default_type  application/octet-stream;
    charset utf-8;
 
    log_format  main  '$http_x_forwarded_for $remote_addr $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_cookie" $host $request_time';
    sendfile       on;
    tcp_nopush     on;
    tcp_nodelay    on;
    keepalive_timeout  65;
 
 
    fastcgi_connect_timeout 3000;
    fastcgi_send_timeout 3000;
    fastcgi_read_timeout 3000;
    fastcgi_buffer_size 256k;
    fastcgi_buffers 8 256k;
    fastcgi_busy_buffers_size 256k;
    fastcgi_temp_file_write_size 256k;
    fastcgi_intercept_errors on;
  
     
    client_header_timeout 600s;
    client_body_timeout 600s;
  
    client_max_body_size 100m;             
    client_body_buffer_size 256k;           
  
    gzip  on;
    gzip_min_length  1k;
    gzip_buffers     4 16k;
    gzip_http_version 1.1;
    gzip_comp_level 9;
    gzip_types       text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php;
    gzip_vary on;
  
 
    include vhosts/*.conf;
}

[[email protected] conf]# ulimit -n 65535 [[email protected] conf]# mkdir vhosts [[email protected] conf]# cd vhosts

配置反向代理和负载均衡 [[email protected] vhosts]# vim 8080.conf

代码语言:javascript 复制 
server {
    listen 8080;
    server_name localhost;
    index index.html index.php index.htm;
    root /var/www/html;
 
    access_log  /usr/local/nginx/logs/8080-access.log main;
    error_log  /usr/local/nginx/logs/8080-error.log;

location / {
    proxy_pass http://192.168.1.102:8080;
    proxy_redirect off ;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header REMOTE-HOST $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_connect_timeout 300;             #跟后端服务器连接超时时间,发起握手等候响应时间
    proxy_send_timeout 300;                #后端服务器回传时间,就是在规定时间内后端服务器必须传完所有数据
    proxy_read_timeout 600;                #连接成功后等待后端服务器的响应时间,已经进入后端的排队之中等候处理
    proxy_buffer_size 256k;                #代理请求缓冲区,会保存用户的头信息以供nginx进行处理
    proxy_buffers 4 256k;                  #同上,告诉nginx保存单个用几个buffer最大用多少空间
    proxy_busy_buffers_size 256k;          #如果系统很忙时候可以申请最大的proxy_buffers
    proxy_temp_file_write_size 256k;       #proxy缓存临时文件的大小
    proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
    proxy_max_temp_file_size 128m;
}
}

[[email protected] vhosts]# cat 8088.conf

代码语言:javascript 复制 
server {
    listen 8088;
    server_name localhost;
    index index.html index.php index.htm;
    root /var/www/html;
 
    access_log  /usr/local/nginx/logs/8088-access.log main;
    error_log  /usr/local/nginx/logs/8088-error.log;

location / {
    proxy_pass http://192.168.1.103:8088;
    proxy_redirect off ;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header REMOTE-HOST $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_connect_timeout 300;             
    proxy_send_timeout 300;               
    proxy_read_timeout 600;               
    proxy_buffer_size 256k;                
    proxy_buffers 4 256k;                  
    proxy_busy_buffers_size 256k;         
    proxy_temp_file_write_size 256k;       
    proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
    proxy_max_temp_file_size 128m;
}
}

----------------------------------------------------------------------------------------------------------------- 下面这个匹配path的代理设置需要注意几点: 首先一定要保证目标B机器,也就是192.168.1.102的8090端口站点目录下有这个匹配path的目录ios存在!! 也就是要保证A机器本机能顺利访问到目标B机器的8090端口的ios路径,即: [[email protected] vhosts]# curl http://192.168.1.102:8090/ios/ #一定要保证这个能从A机器访问成功!

下面几种配置都是可以的:

第一种: [[email protected] vhosts]# cat 8090.conf

代码语言:javascript 复制 
server {
    listen 8090;
    server_name localhost;
    index index.html index.php index.htm;
    root /var/www/html;
 
    access_log  /usr/local/nginx/logs/8090-access.log main;
    error_log  /usr/local/nginx/logs/8090-error.log;

    location /ios/ {                            #这种情况,这里一定要匹配的是/ios/,不能是/ios
    proxy_pass http://192.168.1.102:8090;       #一定要保证192.168.1.102机器8090端口站点目录下有ios目录!否则访问会报错404!
    proxy_redirect off ;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header REMOTE-HOST $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_connect_timeout 300;             
    proxy_send_timeout 300;               
    proxy_read_timeout 600;               
    proxy_buffer_size 256k;                
    proxy_buffers 4 256k;                  
    proxy_busy_buffers_size 256k;         
    proxy_temp_file_write_size 256k;       
    proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
    proxy_max_temp_file_size 128m;
}
}

第二种: [[email protected] vhosts]# cat 8090.conf

代码语言:javascript 复制 
server {
    listen 8090;
    server_name localhost;
    index index.html index.php index.htm;
    root /var/www/html;
 
    access_log  /usr/local/nginx/logs/8090-access.log main;
    error_log  /usr/local/nginx/logs/8090-error.log;

    location /ios/ { 
    proxy_pass http://192.168.1.102:8090/ios/; 
    proxy_redirect off ;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header REMOTE-HOST $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_connect_timeout 300;             
    proxy_send_timeout 300;               
    proxy_read_timeout 600;               
    proxy_buffer_size 256k;                
    proxy_buffers 4 256k;                  
    proxy_busy_buffers_size 256k;         
    proxy_temp_file_write_size 256k;       
    proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
    proxy_max_temp_file_size 128m;
}
}

第三种: [[email protected] vhosts]# cat 8090.conf

代码语言:javascript 复制 
server {
    listen 8090;
    server_name localhost;
    index index.html index.php index.htm;
    root /var/www/html;
 
    access_log  /usr/local/nginx/logs/8090-access.log main;
    error_log  /usr/local/nginx/logs/8090-error.log;

    location /ios { 
    proxy_pass http://192.168.1.102:8090/ios/;         这种情况,这里一定要匹配的是/ios/,不能是/ios
    proxy_redirect off ;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header REMOTE-HOST $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_connect_timeout 300;             
    proxy_send_timeout 300;               
    proxy_read_timeout 600;               
    proxy_buffer_size 256k;                
    proxy_buffers 4 256k;                  
    proxy_busy_buffers_size 256k;         
    proxy_temp_file_write_size 256k;       
    proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
    proxy_max_temp_file_size 128m;
}
}

以上三种配置方法都保证了访问http://103.110.86.8:8090/ios会自动变为http://103.10.86.8:8090/ios/,并代理到http://192.168.1.102:8090/ios/的结果

-----------------------------------------------------------------------------------------------------------------

[[email protected] vhosts]# cat LB.conf

代码语言:javascript 复制 
upstream lb {
    server 192.168.1.102:80 max_fails=3 fail_timeout=30s;   #max_fails = 3 为允许失败的次数,默认值为1
    server 192.168.1.103:80 max_fails=3 fail_timeout=30s;   #fail_timeout = 30s 当max_fails次失败后,暂停将请求分发到该后端服务器的时间
}

server {
    listen 80;
    server_name localhost;
    index index.html index.php index.htm;
    root /var/www/html;
 
    access_log  /usr/local/nginx/logs/80-access.log main;
    error_log  /usr/local/nginx/logs/80-error.log;

    location / {
    proxy_pass http://lb;
    proxy_redirect off ;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header REMOTE-HOST $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_connect_timeout 300;             
    proxy_send_timeout 300;               
    proxy_read_timeout 600;               
    proxy_buffer_size 256k;                
    proxy_buffers 4 256k;                  
    proxy_busy_buffers_size 256k;         
    proxy_temp_file_write_size 256k;       
    proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
    proxy_max_temp_file_size 128m;
}
}

启动nginx [[email protected] vhosts]# /opt/nginx/sbin/nginx -t 【检查配置是否正确】 nginx: the configuration file /opt/nginx/conf/nginx.conf syntax is ok nginx: configuration file /opt/nginx/conf/nginx.conf test is successful [root@host-192-168-1-102 vhosts]# /opt/nginx/sbin/nginx 【启动nginx】

-------------------------------------------------------------------------------------- 后端机:B机器上的操作记录: 1)编译安装nginx [root@B ~]# yum install -y pcre* openssl* gcc gcc+ [root@B ~]# cd /opt/src [root@B ~]# wget http://nginx.org/download/nginx-1.8.0.tar.gz [root@B ~]# tar -zxvf nginx-1.8.0.tar.gz [root@B ~]# cd nginx-1.8.0 #添加www用户,其中-M参数表示不添加用户家目录,-s参数表示指定shell类型

[[email protected] ~]#useradd www -M -s /sbin/nologin [[email protected] ~]##vim auto/cc/gcc #将这句注释掉 取消Debug编译模式 大概在179行 #CFLAGS="$CFLAGS -g"

#我们再配置下nginx编译参数 [[email protected] ~]# ./configure --prefix=/opt/nginx --user=www --group=www --with-http_stub_status_module --with-http_ssl_module [[email protected] ~]#make [[email protected] ~]#make install clean

2)配置nginx [[email protected] ~]# cd /opt/nginx/conf 注意,把默认的nginx.conf文件中的server区域配置注释掉,设置vhosts虚拟主机的配置,如下: [[email protected] conf]# vim nginx.conf

代码语言:javascript 复制 
user  www;
worker_processes  8;
  
events {
    worker_connections  65535;
}
  
http {
    include       mime.types;
    default_type  application/octet-stream;
    charset utf-8;
 
    log_format  main  '$http_x_forwarded_for $remote_addr $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_cookie" $host $request_time';
    sendfile       on;
    tcp_nopush     on;
    tcp_nodelay    on;
    keepalive_timeout  65;
 
 
    fastcgi_connect_timeout 3000;
    fastcgi_send_timeout 3000;
    fastcgi_read_timeout 3000;
    fastcgi_buffer_size 256k;
    fastcgi_buffers 8 256k;
    fastcgi_busy_buffers_size 256k;
    fastcgi_temp_file_write_size 256k;
    fastcgi_intercept_errors on;
  
     
    client_header_timeout 600s;
    client_body_timeout 600s;
  
    client_max_body_size 100m;             
    client_body_buffer_size 256k;           
  
    gzip  on;
    gzip_min_length  1k;
    gzip_buffers     4 16k;
    gzip_http_version 1.1;
    gzip_comp_level 9;
    gzip_types       text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php;
    gzip_vary on;
  
 
    include vhosts/*.conf;
}

[[email protected] conf]# ulimit -n 65535 [[email protected] conf]# mkdir vhosts [[email protected] conf]# cd vhosts

[[email protected] conf]# vim 8080.conf

代码语言:javascript 复制 
server {
    listen 8080;
    server_name localhost;
    index index.html index.php index.htm;
 
    access_log  /usr/local/nginx/logs/8080-access.log main;
    error_log  /usr/local/nginx/logs/8080-error.log;

location ~ / {
    root /var/www/html/8080;
    index index.html index.php index.htm;
}
}

[[email protected] conf]# vim 8090.conf

代码语言:javascript 复制 
server {
    listen 8090;
    server_name localhost;
    index index.html index.php index.htm;
 
    access_log  /usr/local/nginx/logs/8090-access.log main;
    error_log  /usr/local/nginx/logs/8090-error.log; 

location ~ / {
    root /var/www/html/8090;        #针对上面匹配ios的path代理,要保证站点目录/var/www/html/8080下有ios目录存在
    index index.html index.php index.htm;
}
}

[[email protected] conf]# vim 80.conf

代码语言:javascript 复制 
server {
   listen 80;
   server_name localhost;
   index index.html index.php index.htm;
 
   access_log  /usr/local/nginx/logs/80-access.log main;
   error_log  /usr/local/nginx/logs/80-error.log;

location ~ / {
   root /var/www/html;
   index index.html index.php index.htm;
}
}

启动nginx [[email protected] vhosts]# /opt/nginx/sbin/nginx -t 【检查配置是否正确】 nginx: the configuration file /opt/nginx/conf/nginx.conf syntax is ok nginx: configuration file /opt/nginx/conf/nginx.conf test is successful [root@host-192-168-1-102 vhosts]# /opt/nginx/sbin/nginx 【启动nginx】

-------------------------------------------------------------------------------------- 后端机:C机器上的操作记录: 1)编译安装nginx [root@C ~]# yum install -y pcre* openssl* gcc gcc+ [root@C ~]# cd /opt/src [root@C ~]# wget http://nginx.org/download/nginx-1.8.0.tar.gz [root@C ~]# tar -zxvf nginx-1.8.0.tar.gz [root@C ~]# cd nginx-1.8.0 #添加www用户,其中-M参数表示不添加用户家目录,-s参数表示指定shell类型

[[email protected] ~]#useradd www -M -s /sbin/nologin [[email protected] ~]##vim auto/cc/gcc #将这句注释掉 取消Debug编译模式 大概在179行 #CFLAGS="$CFLAGS -g"

#我们再配置下nginx编译参数 [[email protected] ~]# ./configure --prefix=/opt/nginx --user=www --group=www --with-http_stub_status_module --with-http_ssl_module [[email protected] ~]#make [[email protected] ~]#make install clean

2)配置nginx [[email protected] ~]# cd /opt/nginx/conf 注意,把默认的nginx.conf文件中的server区域配置注释掉,设置vhosts虚拟主机的配置,如下: [[email protected] conf]# vim nginx.conf

代码语言:javascript 复制 
user  www;
worker_processes  8;
  
events {
    worker_connections  65535;
}
  
http {
    include       mime.types;
    default_type  application/octet-stream;
    charset utf-8;
 
    log_format  main  '$http_x_forwarded_for $remote_addr $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_cookie" $host $request_time';
    sendfile       on;
    tcp_nopush     on;
    tcp_nodelay    on;
    keepalive_timeout  65;
 
 
    fastcgi_connect_timeout 3000;
    fastcgi_send_timeout 3000;
    fastcgi_read_timeout 3000;
    fastcgi_buffer_size 256k;
    fastcgi_buffers 8 256k;
    fastcgi_busy_buffers_size 256k;
    fastcgi_temp_file_write_size 256k;
    fastcgi_intercept_errors on;
  
     
    client_header_timeout 600s;
    client_body_timeout 600s;
  
    client_max_body_size 100m;             
    client_body_buffer_size 256k;           
  
    gzip  on;
    gzip_min_length  1k;
    gzip_buffers     4 16k;
    gzip_http_version 1.1;
    gzip_comp_level 9;
    gzip_types       text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php;
    gzip_vary on;
  
 
    include vhosts/*.conf;
}

[[email protected] conf]# vim 80.conf

代码语言:javascript 复制 
server {
    listen 80;
    server_name localhost;
    index index.html index.php index.htm;
 
    access_log  /usr/local/nginx/logs/80-access.log main;
    error_log  /usr/local/nginx/logs/80-error.log;

location ~ / {
    root /var/www/html/;
    index index.html index.php index.htm;
}
}

启动nginx

[[email protected] vhosts]# /opt/nginx/sbin/nginx -t 【检查配置是否正确】 nginx: the configuration file /opt/nginx/conf/nginx.conf syntax is ok nginx: configuration file /opt/nginx/conf/nginx.conf test is successful [root@host-192-168-1-102 vhosts]# /opt/nginx/sbin/nginx 【启动nginx】

到此,上面需求中的nginx反向代理和负载均衡就已经配置完成了! 访问http://103.110.86.8:8080的结果显示的就是B机器,即http://192.168.1.102:8080的结果 访问http://103.110.86.8:8088的结果显示的就是C机器,即http://192.168.1.108:8088的结果 访问http://103.110.86.8:8090/ios的结果显示的就是B机器,即http://192.168.1.102:8090/ios/的结果

访问http://103.110.86.8的请求就会被负载给到后端两台机器http://192.168.1.102和http://192.168.1.103

可以在103.110.86.8本机可以使用curl和telnet测试到目标机器是否通顺~ [[email protected] vhosts]# curl http://192.168.1.102:8080 [[email protected] vhosts]# telnet 192.168.1.102 8080

-------------------------------------------------------------------------------------------------------------------------------------------- 说明一下: 上面的nginx反向代理的需求,除了nginx反代配置之外,也可以使用iptables的nat转发实现。

比如: 访问A机器的8080端口,反向代理到B机器的80端口;

iptables的nat转发规则设置如下: [root@opd ~]# iptables -t nat -A PREROUTING -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.102:80 [root@opd ~]# iptables -t nat -A POSTROUTING -d 192.168.1.102 -p tcp -m tcp --sport 80 -j SNAT --to-source 192.168.1.8 [root@opd ~]# iptables -t filter -A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT

[root@opd ~]# service iptables save

************************************** 需要注意的是: 要打开A机器的ip转发功能: [root@opd ~]# echo 1 > /proc/sys/net/ipv4/ip_forward 然后后端机器B的route路由最好也设置成192.168.1.8 **************************************

这样,访问http://103.110.86.8:8080的结果就是http://192.168.1.102的结果

----------------------------------------------------------------------------------------------------------- nginx反向代理一例: 访问http://testwx3.wangshibo.com/apiwx3反向代理到https://testwww.wangshibo.com

代码语言:javascript 复制 
[root@dev-new-test vhosts]# cat testwx3.wangshibo.com.conf 
server {
        listen       80;

        server_name  testwx3.wangshibo.com;
        root  /Data/app/xqsj_wx3/dist;
        index index.html;

    location /apiwx3/ {
        proxy_pass https://testwww.wangshibo.com/;
    }

如上配置后: 访问http://testwx3.wangshibo.com/apiwx3自动跳转到http://testwx3.wangshibo.com/apiwx3/ 访问http://testwx3.wangshibo.com/apiwx3/$1的内容和https://testwww.wangshibo.com/$1内容一致 比如: 访问http://testwx3.wangshibo.com/apiwx3/xqsj.php?r=HouseGroup/create  显示的内容既是  http://testwww.wangshibo.com/xqsj.php?r=HouseGroup/create的内容

如果将上面的代理配置改为:

代码语言:javascript 复制 
    location /apiwx3 {
        proxy_pass https://testwww.wangshibo.com;
    }

    或者
        location /apiwx3/ {
        proxy_pass https://testwww.wangshibo.com/;
    }

那么只能实现:访问http://testwx3.wangshibo.com/apiwx3的结果和https://testwww.wangshibo.com一致 不能实现:访问http://testwx3.wangshibo.com/apiwx3/$1的内容和https://testwww.wangshibo.com/$1内容一致

标签:index,http,nginx,1.8,Nginx,反向,proxy,https,root
From: https://www.cnblogs.com/telwanggs/p/18563216

相关文章

  • Java https validatorException PKIX path building failed 问题处理步骤
    背景这是一个老问题了,其实可以不写,但要花费时间重新整理思绪处理类似的问题很是头疼,因查找的大多数文章只是介绍了其中一部分知识,不能给一个没处理过相关问题的人提供详细步骤,故写此文档。希望大家也能尽可能提供完整的解决方案。原因http升级https时会面临证书校验问题,部......
  • 说说你对http、https的理解
    HTTP和HTTPS都是用于在Web浏览器和服务器之间传输数据的协议,但HTTPS比HTTP更安全。两者主要区别在于:HTTP(HypertextTransferProtocol):不安全:HTTP以明文形式传输数据,这意味着任何拦截连接的人都可以读取数据。这包括密码、信用卡信息和其他敏感数据。端口80:......
  • 说说你对http、https、http2的理解
    好的,我从前端开发的角度来解释HTTP、HTTPS和HTTP/2的区别和联系:1.HTTP(HypertextTransferProtocol)定义:超文本传输协议,是互联网上应用最为广泛的一种网络协议,用于客户端和服务器之间进行通信。它是一种无状态协议,意味着每个请求都是独立的,服务器不会保留之前的请求......
  • 外网如何通过https访问自己的服务
    前情提要最近在接wx小游戏的sdk,消息推送需要在wx端配置http开头的地址。我本地开了一个http服务,监听端口7788,假设我的ip为192.168.33.44,想要达到的效果是,外部浏览器输入https://myproject.com/xx,实际上会转成http://192.168.33.44:7788/xx。以下是我的解决办法一、......
  • Windows下安装启动nginx
    1.下载官网解压缩到本地目录2.常用命令当前文件夹下cmd启动命令:startnginx后续关闭nginx的命令:nginx-sstop修改配置后重启:nginx-sreload3.查看浏览器输入127.0.0.1:804.配置配置文件在conf目录下编辑nginx.conf文件......
  • nginx 正向代理
    这里使用openresty安装基础包yuminstall-ygccmakeautoconfpatchyuminstall-ypcre-developenssl-devel下载openresty源码包和ngx_http_proxy_connect_module模块,编译安装wgethttps://openresty.org/download/openresty-1.21.4.3.tar.gzgitclonehttps://......
  • 遇到Web跨域问题,如何通过nginx代理配置解决
    项目场景:系统1:----后端(b):http://111.111.111.111:10080----前端(a):111.111.111.111:10082系统2:----后端(B):http://111.111.111.111:10083----前端(A):111.111.111.111:10081端口服务10082b(后端)10080a(前端)10083B(后端)10081A(前端)问题描述当系统2的前端A(10081),去调系统1的后端......
  • nginx配置反向代理
    由于生产环境中的win2012Server无法获取https的接口数据,产生了通过反向代理获取的想法。但在测试环境win2012安装了iis的urlrewrite,把iis都搞崩溃了,加上iis中配置转发也很麻烦,就没再尝试。后来我想到了nginx,在网上搜了一些配置反向代理的资料,没想到还挺简单的,这里我用的nginx版......
  • ssl证书,以 Nginx 为例
    目录1证书概述1.1常见证书格式1.2证书的几种扩展名1.3关于PKCS#12格式2Nginx下证书配置2.1证书的工作原理2.1.1单向认证2.1.2双向认证2.2CA机构签发2.2.1免费SSL证书申请2.2.2双向认证2.3自签证书2.3.1单向认证2.3.2双向认证附录1:Windows凭据1.1查看Wind......
  • Nginx与Upstream之间产生大量TIME_WAIT连接的解决办法
    1.现象Nginx反向代理了一个Java服务,QPS大概是200,问题发生时的Nginx配置:location/{proxy_passhttp://192.168.3.4:18600;}在上游Java服务器上可以观察到大量(约2000个)的TIME_WAIT状态的网络连接  从Nginx的error日志中还发现与Java服务器建立连接偶发失败的情况......

赞助商

阅读排行

网站主页关于我们联系我们网站地图

本网站内容转载自其他媒体,侵权联系[admin##ips99.com]。

Copyright © 2020-2023 IPS99 版权所有 IPS99