帮助中心

   

热门搜索: 免费续期  推广  永久会员

nginx做反向代理设置时容易犯的错误

发现nginx在做反向设置的时候,在配置的过程中有几点容易出现的地方,就算是很小的地方设置错误,也会导致整个程序无法运作。所以迅加速下面为大家讲讲具体配置,以及指出哪些地方是容易出错的。以下是详情:

 

nginx做反向代理设置时容易犯的错误

 

user nginx;

worker_processes 1;

error_log /var/log/nginx/error.log;

pid /var/run/nginx.pid;

events {

worker_connections 1024;

}

http {

include /etc/nginx/mime.types;

default_type application/octet-stream;

log_format main ‘$remote_addr – $remote_user [$time_local] “$request” ‘

‘$status $body_bytes_sent “$http_referer” ‘

‘”$http_user_agent” “$http_x_forwarded_for”‘;

access_log /var/log/nginx/access.log main;

sendfile on;

keepalive_timeout 65;

server {

listen 80;

server_name aaa.test.com;

rewrite ^(.*) https://$server_name$1 permanent;

} ##这一块用来指定rewrite

server {

listen 443;

server_name aaa.test.com; ##如果后端是多vhost的server此处必须用真实域名。

location / {

proxy_pass https://172.16.160.131; ##realserver真实地址或域名

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

client_max_body_size 100m;

client_body_buffer_size 128k;

proxy_connect_timeout 300;

proxy_send_timeout 300;

proxy_read_timeout 300;

proxy_buffer_size 4k;

proxy_buffers 4 32k;

proxy_busy_buffers_size 64k;

proxy_temp_file_write_size 64k;

add_header X-Frame-Options SAMEORIGIN;

}

ssl on;

ssl_certificate /etc/nginx/cert/server.crt; ##此处是realserver的站点证书,用自签返回的就是自签。

ssl_certificate_key /etc/nginx/cert/server.key;

ssl_session_timeout 5m;

ssl_protocols SSLv3 TLSv1;

ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;

ssl_prefer_server_ciphers on;

error_page 500 502 503 504 /50x.html;

location = /50x.html {

root html;

}

}

include /etc/nginx/conf.d/*.conf;

}

 

基本的代理配置过程在这里就不展示了,主要是要大家注意到这些错误,以免导致程序错误。

关闭
0797-8539189
关注微信公众号,免费送2小时时长