使用nginx反向代理以实现网站镜像
某些公司会墙特定网站,如果你有一个可访问的域名和服务器,就可以通过nginx反向代理来来解决这些问题。比如现在我们用mirror.example.com镜像www.baidu.com,以下是详细操作。
DNS里添加A记录,新增子域名,如:
mirror.example.com在nginx里新增解析文件。注意下面的配置是用https去镜像https。
server {
server_name mirror.example.com;
下面这段location配置是关键
location / {
sub_filter www.baidu.com mirror.example.com;
sub_filter_once off;
proxy_ssl_session_reuse off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Referer https://www.baidu.com;
proxy_set_header Host www.baidu.com;
proxy_pass https://www.baidu.com;
proxy_set_header Accept-Encoding "";
}
下面这段SSL配置,是由Certbot生成的,这里不再赘述,可以查看我早期的文章
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/mirror.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mirror.example.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
# 这个配置是关键,否则会产生shake error
proxy_ssl_server_name on;
}
server {
if ($host = mirror.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name mirror.example.com;
return 404; # managed by Certbot
}重启
nginx即可。sudo systemctl restart nginx
END
本博客所有文章除特别声明外,均采用 CC BY-NC-SA 4.0 许可协议。转载请注明来自 LeFer!
评论