使用 nginx 反向代理在同一端口上从 http 重定向到 https

tag-icon tag-icon nginx https apache-virtualhost reverse-proxy
使用 nginx 反向代理在同一端口上从 http 重定向到 https

http://mydomain.com/myroject我在 ubuntu 14.04(apache webserver) 上设置了一个网站

我在同一台主机上设置 htsql 服务在端口 5000 上运行

working links:
http://mydomain.com/myproject
http://mydomain.com:5000/region

然后我在这台服务器上安装了 ssl 证书来运行网站https

https://mydomain.com/myproject正在工作但https://mydomain.com:5000/region不工作,因为端口 5000 已在使用中,而 htsql 服务正在该端口上运行

现在的问题是如何使用 nginx 反向代理在同一端口(5000)上从 http 重定向到 https

换句话说https://mydomain.com:5000/region应该有效

我的想法是在 nginx 上设置不同的端口(例如:5001)并将请求转发到 https、5000 端口。

以下是apache的配置文件:

/etc/apache2/ports.conf

Listen 80

<IfModule ssl_module>
    Listen 443
</IfModule>

<IfModule mod_gnutls.c>
    Listen 443
</IfModule>

/etc/apache2/sites-enabled/default.conf

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

<VirtualHost *:443>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        ServerName mydomain.com
        SSLEngine on
        SSLCertificateFile /home/ubuntu/project.crt
        SSLCertificateKeyFile /home/ubuntu/project.key
</VirtualHost>

nginx 配置文件:

默认配置文件

server {
        listen 5001 ssl;

        server_name my domain.com;
        ssl on;
        ssl_certificate /home/ubuntu/project.crt;
        ssl_certificate_key /home/ubuntu/project.key;
        error_page 497 301 =307 https://mydomain.com:5001$request_uri;

        location / {
                proxy_pass https://mydomain:5000;
                proxy_redirect off;
                proxy_set_header Host $host:$server_port;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Ssl on;
        }

}

答案1

为了使用 Apache 作为反向代理,请确保您的服务器具有mod_proxy并启用模块(例如)。将和添加到 VirtualHost 部分的底部,您应该就可以了。 mod_proxy_httpsudo a2enmod proxy_httpProxyPassProxyPassReverse

之后使用 重新启动服务器sudo service apache2 restart

<VirtualHost *:80>
    # added missing ServerName
    ServerName mydomain.com
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # should be disabled by default, just to make sure
    ProxyRequests Off

    ProxyPass /region  http://mydomain.com:5000/region
    ProxyPassReverse /region http://mydomain.com:5000/region
</VirtualHost>

<VirtualHost *:443>
        # moved ServerName to the top
        ServerName mydomain.com
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html

        # consider using separate log files for SSL
        #ErrorLog ${APACHE_LOG_DIR}/ssl-error.log
        #CustomLog ${APACHE_LOG_DIR}/ssl-access.log combined

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        SSLEngine on
        SSLCertificateFile /home/ubuntu/project.crt
        SSLCertificateKeyFile /home/ubuntu/project.key

        # should be disabled by default, just to make sure
        ProxyRequests Off

        ProxyPass /region  http://mydomain.com:5000/region
        ProxyPassReverse /region http://mydomain.com:5000/region
</VirtualHost>

相关内容