本人常用的几个 Nginx 规则,笔记笔记。
- # 防止tpl inc cfg文件被下载
- location ~* \.(tpl|inc|cfg)$ {
- deny all;
- }
-
-
- # 套用CDN的情况返回真实IP
- add_header X-Real-IP $http_x_real_ip;
- set_real_ip_from 0.0.0.0/0;
- real_ip_header X-Real-IP;
- real_ip_recursive on;
-
-
- # SSL反代
- server
- {
- listen 443;
- server_name www.ccav.me ccav.me;
- #rewrite ^/(.*) https://$server_name$1 permanent;
- ssl on;
- ssl_certificate /root/#PEM/CRT;
- ssl_certificate_key /root/#KEY;
- # ssl_protocols SSLv2 SSLv3 TLSv1;
- # ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
- # ssl_prefer_server_ciphers on;
- #listen 80;
- location / {
- proxy_redirect www.B.com /;
- proxy_pass https://www.B.com;
- proxy_set_header Accept-Encoding "";
- proxy_set_header User-Agent $http_user_agent;
- proxy_set_header Accept-Language "zh-CN";
- proxy_set_header X-Real-IP $remote_addr;
-
- }
- }
-
- server
- {
- listen 80;
- server_name www.ccav.me ccav.me;
- rewrite ^(.*) https://$server_name$1 permanent;
- }
-
-
- #根据指定来访IP跳转
- if ($remote_addr ~* "192.168.1.2|192.168.1.3|103.118.40.232192.168.1.4") {
- rewrite ^/(.*) https://ccav.me;
- }