大佬们,关于反代遇到的一个问题的求助

开发调优
1

我用nginx proxy manager反代京东云无线宝路由器的后台管理网页(http://192.168.68.1:80),打开后页面是空白,然后百度来的解决方法是在高级设置里自定义nginx配置:
location ^~ /nacos/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_buffering off;
}
添加这个代码后通过http访问正常了,但是通过https访问页面还是空白,该怎么解决呢?

16 个赞
2

此类内网管理后台一般是没TLS的,因为根本没必要

如果你真的需要在外网访问的时候套一层TLS,那么可以在Nginx做处理

这对原本的路由器后台是透明的,内网依然是纯HTTP,无TLS

以下是AI生成,不保证正确

server {
    listen 443 ssl;
    server_name your-domain.com;  # 替换为你的域名

    ssl_certificate /path/to/your/certificate.crt;  # SSL 证书路径
    ssl_certificate_key /path/to/your/private.key;   # SSL 私钥路径

    location ^~ /nacos/ {
        proxy_pass http://192.168.68.1:80;  # 反向代理到 HTTP 后端
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_buffering off;
    }
}
2 个赞
3

我在AI里也找到了这个答案,试了不行

1 个赞
4

也许你可以提供更多的上下文让其他人帮忙解决

因为理论上这对被反代方透明的,所以是可以做到的

5

这是我之前配置的nacos的反代,可以参考看看思路

server {
    listen       80;
    server_name  nacos.abc.com;
    return 301 https://$http_host$request_uri;
}
server {
    listen              443 ssl;
    server_name         nacos.abc.com;

    # security
    # security headers
	add_header X-Frame-Options        "SAMEORIGIN" always;
	add_header X-XSS-Protection       "1; mode=block" always;
	add_header X-Content-Type-Options "nosniff" always;
	#add_header Referrer-Policy        "no-referrer" always;

	# . files
	location ~ /\.(?!well-known) {
	    deny all;
	}

    # logging
    access_log          /data/logs/nginx/nacos.abc.com.access.log cloudflare;
    error_log           /data/logs/nginx/nacos.abc.com.error.log warn;

    # reverse proxy
    location /nacos {
        proxy_pass http://127.0.0.1:8848/nacos;
        client_body_buffer_size 128k;

		#Timeout if the real server is dead
		proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

		# Advanced Proxy Config
		send_timeout 5m;
		proxy_read_timeout 360;
		proxy_send_timeout 360;
		proxy_connect_timeout 360;
		proxy_set_header Host $host;
		proxy_redirect  http://  $scheme://;
		proxy_http_version                 1.1;
		proxy_cache_bypass                 $http_upgrade;
		# Proxy headers
		proxy_set_header Upgrade           $http_upgrade;
		proxy_set_header Connection        "upgrade";
		proxy_set_header X-Real-IP         $remote_addr;
		proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_set_header X-Forwarded-Host  $host;
		proxy_set_header X-Forwarded-Port  $server_port;
		proxy_set_header referer $host;
    }
    location / {
    return 301 https://$http_host/nacos/index.html;
    }

    # additional config
    # favicon.ico
location = /favicon.ico {
    log_not_found off;
    access_log    off;
}

	# robots.txt
	location = /robots.txt {
	    log_not_found off;
	    access_log    off;
	}

	# gzip
	gzip            on;
	gzip_vary       on;
	gzip_proxied    any;
	gzip_comp_level 6;
	gzip_types      text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;
}
6

你这个太复杂了我不懂 :sweat_smile: ,我用的可视化面板 :smile:

1 个赞