【问题标题】:nginx reverse proxy redirects to internal ip addressnginx反向代理重定向到内部ip地址
【发布时间】:2021-04-13 21:06:06
【问题描述】:

我有一个 nginx 作为反向代理服务器和一个 apache 来服务器 nextcloudpi Web 应用程序。

我有以下作为 nginx 配置

server {

server_name drive.example.com;

location / {
proxy_pass http://192.168.0.7/;
proxy_set_header X-Real-IP  $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
}

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/drive.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/drive.example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = drive.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


listen 80;
listen [::]:80;

server_name drive.example.com;
    return 404; # managed by Certbot


}

以下作为 apache 配置

<IfModule mod_ssl.c>
  <VirtualHost _default_:443>
    DocumentRoot /var/www/nextcloud
ServerName drive.example.com
    CustomLog /var/log/apache2/nc-access.log combined
    ErrorLog  /var/log/apache2/nc-error.log
    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/drive.example.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/drive.example.com/privkey.pem
  </VirtualHost>
  <Directory /var/www/nextcloud/>
    Options +FollowSymlinks
    AllowOverride All
    <IfModule mod_dav.c>
      Dav off
    </IfModule>
    LimitRequestBody 0
    SSLRenegBufferSize 10486000
  </Directory>
</IfModule>

注意:以前,我使用 apache 作为互联网的直接前端,现在我想使用 nginx 作为前端,而 apache 仍然作为 Web 应用程序服务器

如果我可以在不重定向到内部 IP 地址的情况下访问 drive.example.com,我们将不胜感激?

谢谢。

【问题讨论】:

    标签: apache nginx nextcloud


    【解决方案1】:

    您似乎需要禁用代理重定向标头,尝试更改和更新 nginx(反向代理)的配置文件,这将确保您的 nginx 作为 运行apache 服务器和 client 之间的中间人,(而不是 nginx 只是通过重定向将客户端卸载到 apache 服务器而不充当中间人男人):

    server {
    listen 80;
    listen [::]:80; # if you're not using ipv6 do remove this line.    
    server_name drive.example.com;
    
    location / {
        proxy_redirect              off;
        proxy_read_timeout          1m;
        proxy_connect_timeout       1m;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;    
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_redirect off;
        proxy_pass http://192.168.0.7/;    
    }
    
        listen [::]:443 ssl; # if you're not using ipb6 do remove this line
        listen 443 ssl; # managed by Certbot
        ssl_certificate /etc/letsencrypt/live/drive.example.com/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/drive.example.com/privkey.pem; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    
    }
    server {
        if ($host = drive.example.com) {
            return 301 https://$host$request_uri;
        } # managed by Certbot
    
    
    
    
    server_name drive.example.com;
        return 404; # managed by Certbot   
    }
    

    【讨论】:

      猜你喜欢
      • 2015-09-11
      • 1970-01-01
      • 2021-03-25
      • 1970-01-01
      • 2020-06-18
      • 2014-05-20
      • 2021-04-06
      • 1970-01-01
      • 2019-03-12
      相关资源
      最近更新 更多