nginx配置反向代理
打开nginx路径/usr/local/nginx/conf/nginx.conf
文件
user work;
worker_processes 4;
error_log /home/logs/nginx/error.log error;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 307200;
events
{
use epoll;
worker_connections 51200;
}
stream {
log_format proxy '{"timestamp": "$time_iso8601", '
'"host": "$server_addr", '
'"clientip": "$remote_addr", '
'"receivedsize": $bytes_received, '
'"sentsize": $bytes_sent, '
'"sessiontime": $session_time, '
'"upstreamhost": "$upstream_addr", '
'"upstreambytessent": "$upstream_bytes_sent", '
'"upstreambytesreceived": "$upstream_bytes_received", '
'"upstreamconnecttime": "$upstream_connect_time", '
'"status": "$status"} ';
include tcp_vhosts/*.conf;
}
http {
include mime.types;
include proxy.conf;
log_format main '$remote_addr $host $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" "$upstream_response_time" "$upstream_addr" "$upstream_status" "$request_time"';
log_format logstash_json '{ "timestamp": "$time_iso8601", '
'"host": "$server_addr", '
'"user": "$remote_user", '
'"request": "$request", '
'"clientip": "$remote_addr", '
'"size": $body_bytes_sent, '
'"responsetime": $request_time, '
'"upstreamtime": "$upstream_response_time", '
'"upstreamhost": "$upstream_addr", '
'"upstreamstatus": "$upstream_status", '
'"http_host": "$host", '
'"url": "$uri", '
'"referrer": "$http_referer", '
'"x_forwarded_for": "$http_x_forwarded_for", '
'"agent": "$http_user_agent", '
'"status": "$status"} ';
access_log /home/logs/nginx/access.log main;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
charset utf-8;
server_tokens off;
sendfile on;
tcp_nopush on;
keepalive_timeout 120;
underscores_in_headers on;
include vhosts/*.conf;
server {
listen 80;
server_name localhost;
access_log /home/logs/nginx/access.log main;
error_page 500 502 503 504 /50x.html;
root /home/work/omswebsite/dist;
index index.html index.htm;
location = /50x.html {
root html;
}
}
server {
listen 8081;
server_name localhost;
location /vue {
proxy_pass http://0.0.0.0:1901;
}
location / {
root /home/work/jhjzfund-web-website-pc;
try_files $uri $uri/ /index.html;
proxy_pass http://www.baidu.com/;
add_header Cache-Control 'no-cache';
if ($request_uri ~* ^/static) {
add_header Cache-Control 'max-age=31536000';
}
}
}
server {
# 兑平台项目
listen 8082;
server_name localhost;
location / {
root /home/work/www;
try_files $uri $uri/ /index.html;
}
}
}
重新加载nginx
/usr/local/nginx/sbin/nginx -s reload
反向代理
代理是在内部应用程序和外部客户端之间的服务器,将客户端请求转发到相应的服务器。Nginx 的反向代理服务器是代理服务器位于私有网络的防火墙后面,将客户端请求发送到相应的后端服务器。
反向代理作用
隐藏服务器信息 -> 保证内网的安全,通常将反向代理作为公网访问地址,web服务器是内网,即通过nginx配置外网访问web服务器内网
反向代理原理
反向代理:看下面原理图,就一目了然。其实客户端对代理是无感知的,因为客户端不需要任何配置就可以访问,我们只需要将请求发送到反向代理服务器,由反向代理服务器去选择目标服务器获取数据后,在返回给客户端,此时反向代理服务器和目标服务器对外就是一个服务器,暴露的是代理服务器地址,隐藏了真实服务器 IP 地址。