在nginx中添加代码也不好使,浏览器仍然报错502
nginx 配置文件看看
server {
listen 81 ;
listen 444 ssl http2 ;
listen 80 ;
listen 443 ssl http2 ;
server_name test.atm**.icu;
index index.php index.html index.htm default.php default.htm default.html;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
access_log /www/sites/test.atm**.icu/log/access.log;
error_log /www/sites/test.atm**.icu/log/error.log;
access_by_lua_file /www/common/waf/access.lua;
set $RulePath /www/sites/test.atm**.icu/waf/rules;
set $logdir /www/sites/test.atm**.icu/log;
set $redirect on;
set $attackLog on;
set $CCDeny off;
set $urlWhiteAllow off;
set $urlBlockDeny off;
set $argsDeny off;
set $postDeny off;
set $cookieDeny off;
set $fileExtDeny off;
set $ipBlockDeny off;
set $ipWhiteAllow off;
location ~ /.well-known/acme-challenge {
allow all;
root /usr/share/nginx/html;
}
include /www/sites/test.atm**.icu/proxy/*.conf;
if ($scheme = http) {
return 301 https://$host$request_uri;
}
ssl_certificate /www/sites/test.atm**.icu/ssl/fullchain.pem;
ssl_certificate_key /www/sites/test.atm**.icu/ssl/privkey.pem;
ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
proxy_set_header X-Forwarded-Proto https;
}
用的1panel自带的OpenResty开启反向代理
使用 1panel 自带的 OpeResty,你浏览器 f12 看看,公共链接重定向的网站,截图看看,参考给你发的那个知识库。
对了,我并没有采用常规的443和80端口,反向代理是走444端口,docker映射8070端口