一、proxy_pass的nginx官方指南
nginx中有两个模块都有proxy_pass指令。
ngx_http_proxy_module的proxy_pass:
语法: proxy_pass URL; 场景: location, if in location, limit_except 说明: 设置后端代理服务器的•协议(protocol)和地址(address),以及location中可以匹配的一个可选的URI。协议可以是"http"或"https"。地址可以是一个域名或ip地址和端口,或者一个 unix-domain socket 路径。 详见官方文档: http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_passURI的匹配,本文第四部分•重点讨论。
ngx_stream_proxy_module的proxy_pass:
语法: proxy_pass address; 场景: server 说明: 设置后端代理服务器的地址。这个地址(address)可以是一个域名或ip地址和端口,或者一个 unix-domain socket路径。 详见官方文档: http://nginx.org/en/docs/stream/ngx_stream_proxy_module.html#proxy_pass
二、两个proxy_pass的关系和区别
在两个模块中,两个proxy_pass都是用来做后端代理的指令。
ngx_stream_proxy_module模块的proxy_pass指令只能在server段使用使用, 只需要提供域名或ip地址和端口。可以理解为端口转发,可以是tcp端口,也可以是udp端口。
ngx_http_proxy_module模块的proxy_pass指令需要在location段,location中的if段,limit_except段中使用,处理需要提供域名或ip地址和端口外,还需要提供协议,如”http”或”https”,还有一个可选的uri可以配置。
三、proxy_pass的具体用法
ngx_stream_proxy_module模块的proxy_pass指令
server {
listen 127.0.0.1:12345;
proxy_pass 127.0.0.1:8080;
}
server {
listen 12345;
proxy_connect_timeout 1s;
proxy_timeout 1m;
proxy_pass example.com:12345;
}
server {
listen 53 udp;
proxy_responses 1;
proxy_timeout 20s;
proxy_pass dns.example.com:53;
}
server {
listen [::1]:12345;
proxy_pass unix:/tmp/stream.socket;
}ngx_http_proxy_module模块的proxy_pass指令
server {
listen 80;
server_name www.test.com;
# 正常代理,不修改后端url的 location /some/path/ {
proxy_pass http://127.0.0.1;
}
# 修改后端url地址的代理(本例后端地址中,最后带了一个斜线) location /testb {
proxy_pass http://www.other.com:8801/;
}
# 使用 if in location location /google {
if ( $geoip_country_code ~ (RU|CN) ) {
proxy_pass http://www.google.hk;
}
}
location /yongfu/ {
# 没有匹配 limit_except 的,代理到 unix:/tmp/backend.socket:/uri/ proxy_pass http://unix:/tmp/backend.socket:/uri/;;
# 匹配到请求方法为: PUT or DELETE, 代理到9080 limit_except PUT DELETE {
proxy_pass http://127.0.0.1:9080;
}
}
}四、proxy_pass后,后端服务器的url(request_uri)情况分析
server {
listen 80;
server_name www.test.com;
# 情形A # 访问 http://www.test.com/testa/aaaa # 后端的request_uri为: /testa/aaaa location ^~ /testa/ {
proxy_pass http://127.0.0.1:8801;
}
# 情形B # 访问 http://www.test.com/testb/bbbb # 后端的request_uri为: /bbbb location ^~ /testb/ {
proxy_pass http://127.0.0.1:8801/;
}
# 情形C # 下面这段location是正确的 location ~ /testc {
proxy_pass http://127.0.0.1:8801;
}
# 情形D # 下面这段location是错误的 # # nginx -t 时,会报如下错误: # # nginx: [emerg] "proxy_pass" cannot have URI part in location given by regular # expression, or inside named location, or inside "if" statement, or inside # "limit_except" block in /opt/app/nginx/conf/vhost/test.conf:17 # # 当location为正则表达式时,proxy_pass 不能包含URI部分。本例中包含了"/" location ~ /testd {
proxy_pass http://127.0.0.1:8801/; # 记住,location为正则表达式时,不能这样写!!! }
# 情形E # 访问 http://www.test.com/ccc/bbbb # 后端的request_uri为: /aaa/ccc/bbbb location /ccc/ {
proxy_pass http://127.0.0.1:8801/aaa$request_uri;
}
# 情形F # 访问 http://www.test.com/namea/ddd # 后端的request_uri为: /yongfu?namea=ddd location /namea/ {
rewrite /namea/([^/]+) /yongfu?namea=$1 break;
proxy_pass http://127.0.0.1:8801;
}
# 情形G # 访问 http://www.test.com/nameb/eee # 后端的request_uri为: /yongfu?nameb=eee location /nameb/ {
rewrite /nameb/([^/]+) /yongfu?nameb=$1 break;
proxy_pass http://127.0.0.1:8801/;
}
access_log /data/logs/www/www.test.com.log;
}
server {
listen 8801;
server_name www.test.com;
root /data/www/test;
index index.php index.html;
rewrite ^(.*)$ /test.php?u=$1 last;
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
access_log /data/logs/www/www.test.com.8801.log;
}文件: /data/www/test/test.php
echo '$_SERVER[REQUEST_URI]:' . $_SERVER['REQUEST_URI'];
通过查看 $_SERVER[‘REQUEST_URI’] 的值,我们可以看到每次请求的后端的request_uri的值,进行验证。
The above is the detailed content of How to use proxy_pass in Nginx. For more information, please follow other related articles on the PHP Chinese website!
内存飙升!记一次nginx拦截爬虫Mar 30, 2023 pm 04:35 PM本篇文章给大家带来了关于nginx的相关知识,其中主要介绍了nginx拦截爬虫相关的,感兴趣的朋友下面一起来看一下吧,希望对大家有帮助。
nginx限流模块源码分析May 11, 2023 pm 06:16 PM高并发系统有三把利器:缓存、降级和限流;限流的目的是通过对并发访问/请求进行限速来保护系统,一旦达到限制速率则可以拒绝服务(定向到错误页)、排队等待(秒杀)、降级(返回兜底数据或默认数据);高并发系统常见的限流有:限制总并发数(数据库连接池)、限制瞬时并发数(如nginx的limit_conn模块,用来限制瞬时并发连接数)、限制时间窗口内的平均速率(nginx的limit_req模块,用来限制每秒的平均速率);另外还可以根据网络连接数、网络流量、cpu或内存负载等来限流。1.限流算法最简单粗暴的
nginx+rsync+inotify怎么配置实现负载均衡May 11, 2023 pm 03:37 PM实验环境前端nginx:ip192.168.6.242,对后端的wordpress网站做反向代理实现复杂均衡后端nginx:ip192.168.6.36,192.168.6.205都部署wordpress,并使用相同的数据库1、在后端的两个wordpress上配置rsync+inotify,两服务器都开启rsync服务,并且通过inotify分别向对方同步数据下面配置192.168.6.205这台服务器vim/etc/rsyncd.confuid=nginxgid=nginxport=873ho
nginx php403错误怎么解决Nov 23, 2022 am 09:59 AMnginx php403错误的解决办法:1、修改文件权限或开启selinux;2、修改php-fpm.conf,加入需要的文件扩展名;3、修改php.ini内容为“cgi.fix_pathinfo = 0”;4、重启php-fpm即可。
如何解决跨域?常见解决方案浅析Apr 25, 2023 pm 07:57 PM跨域是开发中经常会遇到的一个场景,也是面试中经常会讨论的一个问题。掌握常见的跨域解决方案及其背后的原理,不仅可以提高我们的开发效率,还能在面试中表现的更加
nginx怎么禁止访问phpNov 22, 2022 am 09:52 AMnginx禁止访问php的方法:1、配置nginx,禁止解析指定目录下的指定程序;2、将“location ~^/images/.*\.(php|php5|sh|pl|py)${deny all...}”语句放置在server标签内即可。
nginx部署react刷新404怎么办Jan 03, 2023 pm 01:41 PMnginx部署react刷新404的解决办法:1、修改Nginx配置为“server {listen 80;server_name https://www.xxx.com;location / {root xxx;index index.html index.htm;...}”;2、刷新路由,按当前路径去nginx加载页面即可。
Linux系统下如何为Nginx安装多版本PHPMay 11, 2023 pm 07:34 PMlinux版本:64位centos6.4nginx版本:nginx1.8.0php版本:php5.5.28&php5.4.44注意假如php5.5是主版本已经安装在/usr/local/php目录下,那么再安装其他版本的php再指定不同安装目录即可。安装php#wgethttp://cn2.php.net/get/php-5.4.44.tar.gz/from/this/mirror#tarzxvfphp-5.4.44.tar.gz#cdphp-5.4.44#./configure--pr
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
Atom editor mac version download
The most popular open source editor
Dreamweaver Mac version
Visual web development tools
PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
