最初配置:
server { listen 8001; #反向代理暴露在公网上的端口 server_name localhost; #IP #charset koi8-r; #access_log logs/host.access.log main; location /pub { #将/pub及pub下的网址进行反向代理 proxy_pass http://localhost:8080; #知行之桥url proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; rewrite ^/pub/(.*)$ /pub/$1 break; #rewrite实现url重写 } location / { deny all; return 403; #所有/的访问都返回403 } ….. #下面的保持nginx原来的配置 }
这里如果是https的ssl网站就会出现502的错误,解决办法加入:
proxy_ssl_server_name on;
之后会出现403、404的错误,把proxy_set_header Host $host;后面这个变量改成真实域名,最后配置如下:
server { #auth_basic "";#密码访问控制 #auth_basic_user_file /usr/local/nginx/conf/jb.conf; listen 80; server_name xxx.com; index index.html index.htm index.php default.html default.htm default.php; root /home/admin; location /menu1 { proxy_pass https://api.xxx.com; proxy_ssl_server_name on; proxy_set_header Host api.xxx.com; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } location /menu2 { proxy_pass https://api2.xxx.com; proxy_ssl_server_name on; proxy_set_header Host api2.xxx.com; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }
正常
浙公网安备 33010602011771号