认证反向代理
server
{
listen 443 ssl;
ssl on;
ssl_certificate /usr/local/nginx/ssl/cn.crt;
ssl_certificate_key /usr/local/nginx/ssl/cn.key;
server_name www.aa.com;
location / {
# proxy_redirect off;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
include proxy_setting.conf;
# proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
#
# ### Set headers ####
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#
# ### Most PHP, Python, Rails, Java App can use this header ###
# proxy_set_header X-Forwarded-Proto https;
#
# ### By default we don't want to redirect it ####
# proxy_redirect off;
proxy_pass https://ssl1;
}
}
proxy_setting.conf内容
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_cache_use_stale timeout http_502 http_504;
proxy_cache_use_stale updating error timeout;
proxy_set_header X-Forwarded-Proto https;
proxy_ignore_headers X-Accel-Expires Expires Cache-Control Set-Cookie;
add_header X-Cache '$upstream_cache_status from $server_addr';
proxy_max_temp_file_size 0;
proxy_connect_timeout 5;
proxy_send_timeout 5;
proxy_read_timeout 3;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
反向代理Proxy
~
server
{
listen 80;
server_name api.aaa.com;
location / {
# proxy_redirect off;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
include proxy_setting.conf;
proxy_pass http://online;
}
access_log /data/wwwlogs/api.log access;
}
主要区别为加粗字体其他使用proxy_setting.conf文件就可以
