Small knowledge, big challenge! This paper is participating in theEssentials for programmers”Creative activities
Using Nginx to do reverse proxy I believe we are familiar with the details, but using Nginx to do forward proxy you have played?
Why nginx is used as a forward proxy?
The benefits of nginx doing forward proxies
- Whitelist based on domain name
- No NEED to configure SSL certificate!! No NEED to configure SSL certificate!! No NEED to configure SSL certificate!!
Initialize the operating environment
Install the necessary dependency components and go directly to the script
yum -y update
yum -y install gcc pcre pcre-devel zlib zlib-devel openssl openssl-devel patch git
Copy the codeDownload the nginx support proxy module
mkdir /usr/local/nginx_modules
cd /usr/local/nginx_modules
git clone https://github.com/chobits/ngx_http_proxy_connect_module.git
Copy the codeInstall nginx
Download and unzip
Wget http://nginx.org/download/nginx-1.19.8.tar.gz tar - ZXVF nginx - 1.19.8. Tar. Gz nginx 1.19.8 / CDCopy the codeInstall the patch
patch -p1 < /usr/local/nginx_modules/ngx_http_proxy_connect_module/patch/proxy_connect_rewrite_1018.patch
Copy the codeCreate running nginx users & user groups
groupadd www
useradd -g www www
Copy the codeStart installing nginx
./configure \
--user=www \
--group=www \
--prefix=/usr/local/nginx \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_realip_module \
--with-threads \
--add-module=/usr/local/nginx_modules/ngx_http_proxy_connect_module
make
make install
Copy the codeAt this point, nginx has been installed
Check the installation
CD /usr/local/nginx // Check the configuration file./sbin/nginx -tCopy the codeStart the nginx
CD/usr/local/nginx. / sbin/nginx ps - ef | grep nginx start / / check whether success. / sbin/nginx -s stop / / stop/sbin/nginx -s reload / / restartCopy the codeOn how to add boot startup and other self-search, accustomed to operating in the directory, here will not expand.
Configure the nginx forward proxy
user www; worker_processes 4; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 128; client_max_body_size 20m; client_body_buffer_size 256k; client_header_buffer_size 32k; large_client_header_buffers 4 32k; sendfile on; tcp_nopush on; keepalive_timeout 60; tcp_nodelay on; server { listen 9080; Resolver 114.114.114.114 valid ipv6 = = 60 s off; resolver_timeout 5s; proxy_connect; proxy_connect_connect_timeout 10s; proxy_connect_read_timeout 10s; proxy_connect_send_timeout 10s; location / { set $forbiden Y; if ($host = "www.baidu.com" ) { set $forbiden N; } if ( $forbiden = Y){ return 403; } proxy_set_header Host $host; proxy_pass http://$host; }}}Copy the codeSpecial remind
Resolver 114.114.114.114 valid ipv6 = = 60 s off; Ipv6 must be turned off. Some websites enable ipv6 domain name resolution, which is not supported at present and may cause access failures
Whitelist of domain name access
Nginx supports simple logic judgment, using the host variable to get the current requested domain name, $forbiden for logical judgment
Client Setup
Operation based on the browser interface
Operation path Settings – Advanced – open computer agent Settings, set your server IP+ port.
Linux and other command line based operations
export http_proxy=http://$proxy_ip:$proxy_port
export https_proxy=http://$proxy_ip:$proxy_port
Copy the codeBrowser plug-in
SwitchyOmega is recommended