![](/img/trans.png)
[英]Deny all connections to ports that aren't 443 or 80 over HTTP/HTTPS on NGINX
[英]NGINX: Allow multiple ports to be available for https + redirect all http to https
我正在嘗試部署一個 NGINX 服務器,該服務器通過 https 托管兩個 node.js Express 應用程序。
我的主要站點(在端口 80 上提供服務的站點)是一個運行在端口 8001 上的 Express 應用程序。(即https://example.com加載此應用程序)
我還在端口 8002 上運行另一個 Express 應用程序,我希望在端口 8080 上公開可用。(即https://example.com:8080加載此應用程序)
這是我的/etc/nginx/sites-available/default
文件:
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 301 https://$server_name$request_uri;
}
server {
# SSL configuration
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com www.example.com;
include snippets/ssl-example.com.conf;
include snippets/ssl-params.conf;
# Pass requests for / to localhost:8001:
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://localhost:8001/;
proxy_ssl_session_reuse off;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
location ~ /.well-known {
allow all;
}
}
server {
listen 8080 ssl;
server_name example.com www.example.com;
return 301 https://$server_name$request_uri;
include snippets/ssl-example.com.conf;
include snippets/ssl-params.conf;
# pass requests to port 8002 where our other node server is running
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://localhost:8002/;
proxy_ssl_session_reuse off;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
}
刪除return 301 https://$server_name$request_uri;
從第三個服務器塊。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.