imi
At this time, Nginx is needed. I haven’t used Nginx much before, but I have studied it and there is no problem for now. Send out the configuration, for your reference, but also to make a record of their own.
First, I intend Apache and Nginx to listen on port 80 at the same time, because projects running under Apache may have some problems if they are changed to other ports. So I put Apache port 80 listening on 127.0.0.1 and Nginx port 80 listening on extranet IP.
Upstream abcdef {server 127.0.0.1:80; } server {listen External IP address :80 default_server; server_name api.xxx.com; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://abcdef; }}Copy the code
The following code is added to the server to implement the specified request, to request another address.
# visit http://api.xxx.com/abc, http://127.0.0.1:8081/abc to request the location/ABC {proxy_pass http://127.0.0.1:8081; } # visit http://api.xxx.com/def, http://127.0.0.1:8081/def123 to request the location/def {rewrite ^ / def123 $1; Proxy_pass http://127.0.0.1:8081; }Copy the codeHTTPS configuration:
Server {listen External IP address :443 default_server; server_name *.xxx.com; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass https://abcdef; } ssl on; ssl_certificate /etc/apache2/ssl/nginx-cert.crt; ssl_certificate_key /etc/apache2/ssl/private.key; ssl_prefer_server_ciphers on; }Copy the codeAs shown above, configure the SSL certificate, but SSL_certificate has a hole in it and cannot be used as apache. You need to manually merge the ca_bundle. CRT content + newline +certificate. CRT content to create a new file. If you don’t, computers and iOS will be able to make requests, but Android won’t. SSL checks on the Internet also fail, so it looks like Android is stricter and more secure on certificate verification…