Shmily's Blog之前写过如何使用Nginx反代,这个就是给网页加上一个密码访问。
反代的配置文件
server {
listen 80;
listen 443 ssl http2;
ssl_certificate /usr/local/nginx/conf/ssl/自动生成.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/自动生成.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_timeout 10m;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_buffer_size 1400;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
server_name 自动生成;
access_log /data/wwwlogs/自动生成_nginx.log combined;
index index.html index.htm index.php;
root /data/wwwroot/自动生成;
if ($ssl_protocol = "") { return 301 https://$host$request_uri; }
if ($http_user_agent ~* (baiduspider|360spider|haosouspider|googlebot|soso|bing|sogou|yahoo|sohu-search|yodao|YoudaoBot|robozilla|msnbot|MJ12bot|NHN|Twiceler)) {
return 403;
}
location / {
sub_filter 源站地址 反代地址;
sub_filter_once off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Referer https://源站地址;
proxy_set_header Host 源站地址;
proxy_pass https://源站地址;
proxy_set_header Accept-Encoding "";
}
}
加密码访问
其实就是在server那一段加上两句话
auth_basic "Please input password"; auth_basic_user_file /usr/local/nginx/conf/vhost/passwd;
在线生成一下passwd文件,http://tool.oschina.net/htpasswd, 使用生成的代码在/usr/local/nginx/conf/vhost 目录下新建一个passwd文件。只要路径和文件类型跟配置里一样就行。最后nginx重载配置。
service nginx reload
