Nginx如何配置Http、Https、WS、WSS

发布网友 发布时间:2024-10-23 22:36

我来回答

1个回答

热心网友 时间:2024-10-25 00:58

当今互联网领域,Nginx作为常用的代理服务器之一,被众多大厂用于业务系统中。因此,了解Nginx针对Http、Https、WS、WSS的配置至关重要。

Nginx配置Http

首先,我们探讨Nginx如何配置Http。Nginx配置Http是其常用功能之一。在nginx.conf中进行相应配置,如下所示。

upstream message {

server localhost:8080 max_fails=3;

}

server {

listen 80;

server_name localhost;

location / {

root html;

index index.html index.htm;

add_header 'Access-Control-Allow-Origin' '*';

proxy_connect_timeout 10;

}

location /message {

proxy_pass message;

proxy_set_header Host $host:$server_port;

}

}

复制

此时,访问http://localhost/message,就会被转发到localhost:8080/message上。

Nginx配置Https

对于对网站安全性要求较高的业务,可能需要在Nginx配置Https。具体配置信息可以参照以下方式。

upstream message {

server localhost:8080 max_fails=3;

}

server {

listen 443 ssl;

server_name localhost;

ssl_certificate /usr/local/nginx-1.17.8/conf/keys/binghe.pem;

ssl_certificate_key /usr/local/nginx-1.17.8/conf/keys/binghe.key;

ssl_session_timeout 20m;

ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_prefer_server_ciphers on;

ssl_verify_client off;

location / {

root html;

index index.html index.htm;

add_header 'Access-Control-Allow-Origin' '*';

proxy_connect_timeout 10;

}

location /message {

proxy_pass message;

proxy_set_header Host $host:$server_port;

}

}

复制

此时访问https://localhost/message 就会被转发到http://localhost:8080/message上。

Nginx配置WS

WS的全称是WebSocket,Nginx配置WebSocket相对简单。在nginx.conf文件中进行相应配置,即可实现横向扩展WebSocket服务端的服务能力。

map $http_upgrade $connection_upgrade {

default upgrade;

'' close;

}

upstream wsbackend{

server ip1:port1;

server ip2:port2;

keepalive 1000;

}

server {

listen 20038;

location /{

proxy_http_version 1.1;

proxy_pass wsbackend;

proxy_redirect off;

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_read_timeout 3600s;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header Upgrade $http_upgrade;

proxy_set_header Connection $connection_upgrade;

}

}

复制

此时,访问ws://localhost:20038 就会被转发到ip1:port1和ip2:port2上。

Nginx配置WSS

WSS表示WebSocket + Https,即安全的WebSocket。在配置WS时,已详细描述了配置细节,此处不再赘述。

map $http_upgrade $connection_upgrade {

default upgrade;

'' close;

}

upstream wsbackend{

server ip1:port1;

server ip2:port2;

keepalive 1000;

}

server{

listen 20038 ssl;

server_name localhost;

ssl_certificate /usr/local/nginx-1.17.8/conf/keys/binghe.com.pem;

ssl_certificate_key /usr/local/nginx-1.17.8/conf/keys/binghe.com.key;

ssl_session_timeout 20m;

ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_prefer_server_ciphers on;

ssl_verify_client off;

location /{

proxy_http_version 1.1;

proxy_pass wsbackend;

proxy_redirect off;

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_read_timeout 3600s;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header Upgrade $http_upgrade;

proxy_set_header Connection $connection_upgrade;

}

}

复制

此时,访问wss://localhost:20038 就会被转发到ip1:port1和ip2:port2上。

声明声明:本网页内容为用户发布,旨在传播知识,不代表本网认同其观点,若有侵权等问题请及时与本网联系,我们将在第一时间删除处理。E-MAIL:11247931@qq.com