apache2_nginx_反向代理设置_https_不验证后端证书_只允许访问首页
转载注明来源: 本文链接 来自osnosn的博客,写于 2020-06-06.
apache2.4
- apache 缺省就有 x-forwarded-for
<VirtualHost _default_:80>
ProxyPreserveHost On
<Location "/abc">
ProxyPass http://10.22.33.44/abc
ProxyPassReverse http://10.22.33.44/abc
</Location>
</VirtualHost>
#-----------------------------------
<VirtualHost _default_:443>
....(设置证书 server.key ,server.crt)
SSLProxyEngine On
ProxyPreserveHost On
SSLProxyVerify none
# 不验证后端服务器的证书
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
<Location "/abc">
ProxyPass https://10.22.33.44/abc
ProxyPassReverse https://10.22.33.44/abc
</Location>
</VirtualHost>
nginx
- 反向代理设置中,要写上 x-forwarded-for 的配置
location /abc/ {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass https://10.22.33.44;
#proxy_pass http://10.22.33.44; #或者
}
apache2.4 只允许访问首页
- 仅首页访问不受限制,其他页面限制账号访问,或IP段访问。
- 如果你的缺省首页是 index.html
DocumentRoot "/xxxx/www"
<Directory "/xxxx/www/">
Require local
Require ip 192.168.0.0/16
<Files "index.html"> #只允许访问首页
Require all granted
</Files>
</Directory>
<LocationMatch "^/$"> #只允许访问首页
Require all granted
</LocationMatch>
nginx 只允许访问首页
- 仅首页访问不受限制,其他页面限制账号访问,或IP段访问。
- 如果你的缺省首页是 index.html
location = / { #只允许访问首页
allow all;
}
location = /index.html { #只允许访问首页
allow all;
}
location / {
allow 192.168.1.0/24;
deny all;
#auth_basic "Authorized Users Only";
#auth_basic_user_file /var/www/passwd.basic_file ;
#satisfy any;
}
