1. 首页
  2. 问答
  3. 我如何使用HttpSubsModule纠正Nginx的Tumblr反向代理

我如何使用HttpSubsModule纠正Nginx的Tumblr反向代理

2014-10-31 30 views
1

我正在使我自己的域名使用SSL/https(https://example.com),并显示没有Tumblr URL(example.tumblr.com)的我的Tumblr博客。我如何使用HttpSubsModule纠正Nginx的Tumblr反向代理

HttpSubsModule(技术渭滨姚明)已经被添加到Nginx的,和/ etc/nginx的/网站可用/反向代理下列要求:发生

server 
{ 
listen 443; 
server_name example.com; 




ssl on; 
ssl_certificate /root/example_com.crt; 
ssl_certificate_key /root/example.key; 
ssl_protocols SSLv3 TLSv1; 
ssl_ciphers ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP; 


location/{ 
subs_filter_types text/html text/css text/xml; 
subs_filter example.tumblr.com example.com g; 
proxy_redirect http://example.tumblr.com/ /; 
proxy_redirect off; 
proxy_set_header X-Real-IP $remote_addr; 
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
proxy_set_header Host "example.tumblr.com"; 
proxy_set_header Accept-Encoding ""; 
proxy_pass http://example.tumblr.com; 

} 

} 

server 
{ 
listen 80; 
server_name example.com; 
rewrite ^(.*) https://example.com/$1 permanent; 


}

2问题: ①登录Chrome浏览器混合加载时检测到的内容https://example.com, ②单击任何图像时404未找到。

任何想法我在这里做错了吗?非常感谢。

来源

2014-10-31 Yin

+0

通过使用dotdeb.org的nginx与nginx-full。 – Yin 2014-10-31 08:01:00

回答

0

网站能够与如下配置一起很好地工作:

server { 
listen 443 ssl spdy; 
server_name example.org; 

ssl on; 
ssl_certificate /etc/nginx/ssl/example_org.crt; 
ssl_certificate_key /etc/nginx/ssl/example_org.key; 
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload;"; 

ssl_prefer_server_ciphers on; 
ssl_dhparam /etc/nginx/ssl/certs/dhparam.pem; 
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"; 
keepalive_timeout 70; 
ssl_session_cache shared:SSL:10m; 
ssl_session_timeout 10m; 

location/{ 
subs_filter_types text/css text/xml application/xhtml+xml application/xml; 
subs_filter 'example.tumblr.com' 'example.org' g; 
subs_filter 'http:' 'https:' g; 

proxy_set_header Accept-Encoding ""; 
proxy_set_header X-Real-IP $remote_addr; 
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
proxy_set_header Host "example.tumblr.com"; 
proxy_pass   http://example.tumblr.com; 
proxy_ssl_session_reuse on; 

proxy_cache_key "$scheme://$host$request_uri"; 
proxy_cache cache_one; 
proxy_cache_valid 200 304 3h; 
proxy_cache_valid 301 1d; 
proxy_cache_valid any 10s; 
} 

} 

server { 
listen 80; 
server_name example.org www.example.org; 

location/{ 
return   301 https://$host$request_uri; 
} 
} 

server { 
listen  443; 
server_name www.example.org; 
return  301 https://example.org$request_uri; 
} 


server { 
listen  80; 
server_name 178.60.000.00; 
return  301 https://example.org$request_uri; 
}

在这种情况下,要注意的代码subs_filter 'http:' 'https:' g;,这是代理储备配置的关键代码成功的。

来源

2016-01-07 21:04:12 Yin

相关问题

 相关问题