Foreword:
Reverse Proxy means that the proxy server accepts the connection request on the internet, then forwards the request to the server on the internal network (implemented by port mapping), and returns the result obtained from the server to the internet. The client requesting the connection, at this time, the proxy server behaves as a server to the outside world.
Environment description: The reverse proxy server is a Linux system with Nginx installed; the web server is a windows system with IIS installed
Goal: The content obtained by the client when accessing https://qa.nfzr365.com must be the content on the web server 192.168.66.62
First, we set up a reverse proxy on Nginx, modify the Nginx configuration file, and delete the following parts
server {
#listen 80;
listen 443 ssl;
server_name qa.nfzr365.com;
index index.html index.php;
#root /usr/local/nginx/www/Shop2.0/api/public; //Comment out the original path
ssl_certificate cert/1524033480643.pem;
ssl_certificate_key cert/1524033480643.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256: ECDHE: ECDH: AES: HIGH:! NULL:! aNULL:! MD5:! ADH:! RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
#-----Comment out part-----#
# location / {
# try_files $uri $uri/ /index.php?$query_string;
# }
#-----Comment out part-----##-----新增部分-----# location / { proxy_pass http://117.131.6.52:88; proxy_redirect off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } #-----新增部分------#
#-----Comment out part-----## location ~ \.php { # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # include fastcgi.conf; # fastcgi_split_path_info ^(.+\.php)(.*)$; # fastcgi_param PATH_INFO /usr/local/nginx/www/Shop2.0/api/public$fastcgi_path_info;
#-----Comment out part-----#
After the deletion is completed, add the following content: server name In the real environment, you need to set the domain name, because we rarely use IP to access the website, and proxy_pass is the address of the web server. For example, the website of the web server uses port 8080, then our proxy_pass is The format is http:// website IP or domain name:88
server
{
listen 80;
server_name qa.nfzr365.com; //Reverse proxy server IP
location / {
proxy_pass http://117.131.6.52:88; //web server IP
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
#error_page 404 /404.html;
After the setting is completed, execute /usr/bin/nginx -t to check whether the configuration is normal. If it is displayed:
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
It is normal, otherwise, modify it according to the error prompt (basically, it is the error of xxx.conf). After checking the configuration file, kill the Nginx process, and then restart Nginx. At this time, the client accesses the server https://qa.nfzr365.com and gets the content on the 192.168.66.62 server.