NGINX配置反向代理，并开启防盗链

2021 年 01 月 15 日

1704 次浏览

1859字数

### 编辑配置文件

配置好网站后，在Nginx配置中添加以下字段

```shell
#PROXY-START/
location ~* \.(php|jsp|cgi|asp|aspx)$
{
    proxy_pass http://项目IP:端口，或者项目域名：端口;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header REMOTE-HOST $remote_addr;
    proxy_http_version 1.1; 
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
}
location /
{
    proxy_pass http://项目IP:端口，或者项目域名：端口;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header REMOTE-HOST $remote_addr;
    proxy_http_version 1.1; 
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
  
    add_header X-Cache $upstream_cache_status;
  
    #Set Nginx Cache
  
    	add_header Cache-Control no-cache;
    expires 12h;
}
 
#PROXY-END/
```

### 配置防盗链

```shell
#SECURITY-START 防盗链配置
#我这里仅配置了js防盗链，
#一般情况下首行是location ~ .*\.(jpg|jpeg|gif|png|js|css)$
location ~ .*\.(js)$ 
{
    expires      30d;
    access_log /dev/null;
    valid_referers none blocked doc.willslight.com cloud.willslight.com;
    if ($invalid_referer){
        return 404;
    }
}
#SECURITY-END
```

### 可能错误

实际上我们这样配置后会发现配置错误 404错误，我们需要稍微改一下

```shell
#SECURITY-START 防盗链配置
location ~ .*\.(js)$
{
    expires      30d;
    access_log /dev/null;
    valid_referers none blocked doc.willslight.com cloud.willslight.com;
    if ($invalid_referer){
        return 404;
    }
    proxy_pass  http://项目IP:端口，或者项目域名：端口;  #增加这一行反代
  
    #websocket
    proxy_http_version 1.1;   
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
}
#SECURITY-END
```

### 完成

最后修改：2021 年 01 月 15 日