1.1. 实现目标

反向代理,举个例子,就是多个域名A记录为同一台服务器,同时访问80端口,但是服务器可以自动将其分配到本地的8000,8080等端口

举例:访问xss.gm7.org,会指向该域名A记录IP的127.0.0.1:8000端口

1.2. 环境

  • ubuntu
  • Nginx(sudo apt-get install nginx -y

确认是否安装成功

nginx -v
# 下面这个可以看到配置文件的路径等,可以用于应急
nginx -V

启动nginx

service nginx start

1.3. 配置反代

1.3.1. 反代配置文件

vim /etc/nginx/sites-enabled/reverse-proxy.conf

写入如下内容:

upstream monitor_server  #这里是为了使用负载均衡,使得多个ip可以提供同一个服务,weight为权值,
    server 10.10.12.203:8080 weight=2;  #  权值越高,被选中的概率越大
    server 10.10.12.202:8080 weight=4;
}

server 
{
    listen 80;
    server_name localhost;
    location / {
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://monitor_server;
    }
}

server
{
    listen 80;
    server_name xss.gm7.org; # 入口域名,www不能省略,多个域名可以用空格隔开
    location / {
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://127.0.0.1:8000;
        proxy_connect_timeout 300s;
        proxy_read_timeout 300s;
        proxy_send_timeout 300s;
        proxy_buffer_size 64k;
        proxy_buffers 4 32k;
        proxy_busy_buffers_size 64k;
        proxy_temp_file_write_size 64k;
        proxy_ignore_client_abort on;
    }
    access_log /var/log/nginx/xss.gm7.org_access.log;
}

1.3.2. 引用配置文件

编辑 /etc/nginx/nginx.conf,在http{}中添加一句话,比如在

include /etc/nginx/mime.types;
default_type application/octet-stream;

两行下面添加一句:

include /etc/nginx/sites-enabled/reverse-proxy.conf;

这样就可以把反向代理配置文件引用到,接着重启即可

service nginx restart

image-20220321103616203

日志记录也OK

image-20220321111356757

1.3.3. 效果

image-20220321112047944

Copyright © d4m1ts 2022 all right reserved,powered by Gitbook该文章修订时间: 2022-03-21 11:26:41

results matching ""

    No results matching ""