反代加速网站访问SSL443端口

lnmp 1.3基础

创建缓存目录

mkdir /home/cache/path -p

mkdir /home/cache/temp

chmod 777 -R /home/cache

配置nginx conf文件

vi /usr/local/nginx/conf/nginx.conf

proxy_connect_timeout 5;

proxy_read_timeout 60;

proxy_send_timeout  5;

proxy_buffer_size 16k;

proxy_buffers  4 64k;

proxy_busy_buffers_size 128k;

proxy_temp_file_write_size 128k;

proxy_temp_path /home/cache/temp;

#临时文件目录

proxy_cache_path /home/cache/path levels=1:2 keys_zone=cache_one:5m inactive=7d max_size=1g;

#5m为内存占用,1g为最大硬盘占用,cache_one为缓存区名称,如果需要修改对应修改。

看看nginx有没有报错

/usr/local/nginx/sbin/nginx -t

因为是443端口的,所以把证书什么copy过来。自己放目录

# vi/usr/local/nginx/conf/vhost/XXX.com.conf

server

{

listen 443;

#listen [::]:80;

server_name XX.com www.XXX.com;

ssl on;

ssl_certificate /usr/local/nginx/conf/vhost/ssl/XXX_com.Certificate.crt;

ssl_certificate_key /usr/local/nginx/conf/vhost/ssl/XX.key;

ssl_protocols TLSv1.2 TLSv1.1 TLSv1; # 支持的协议,Windows XP 不支持

ssl_prefer_server_ciphers on; # 启用 Forward Secrecy

ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";

keepalive_timeout 70;

ssl_session_cache shared:SSL:10m;

ssl_session_timeout 10m;

index index.php;

access_log off;

location / {

proxy_cache_key "$scheme://$host$request_uri";

#缓存key规则,用于自动清除缓存。

proxy_cache cache_one;

#缓存区名称,与前面定义的相同

proxy_cache_valid 200 304 3h;

proxy_cache_valid 301 3d;

proxy_cache_valid any 10s;

#200 304状态缓存3小时

#301状态缓存3天

#其他状态缓存(如502 404)10秒

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

#向后端传递访客ip

proxy_set_header Referer https://XXX.com;

#强制定义Referer,程序验证判断会用到

proxy_set_header Host $host;

#定义主机头

proxy_pass https://139.162.**;

#指定后端ip,可以加端口

#proxy_cache_use_stale invalid_header error timeout http_502;

#当后端出现错误、超时、502状态时启用过期缓存,慎用。

}

}

server {

listen 80;

# listen [::]:80; # 如果您需要同时侦听 IPv6,请取消此行注释

server_name XXX.com www.XXX.com *.XXX.com; # 您的域名

location / {

return 301 https://XXX.com$request_uri; # 要重定向的地址,请将 example.com 改为您的域名

}

}


Tags:加速,反代

你可能感兴趣的:(反代加速网站访问SSL443端口)