请注意:本次FRP服务折腾失败,成果(HTTP可以访问,可以获得客户端ip地址,HTTPS可以访问,但是没法获得ip地址),由于防火墙https拦截cc攻击,把HTTPS的用户都拦截下来,故本次参试宣布失败。不介意https的可以使用本配置。
pre配置简写
[www80]
privilege_mode = true
type = http
local_ip = 127.0.0.1
local_port = 80
custom_domains = www.npc0.com
use_encryption = true
use_compression = true
proxy_protocol_version = v2
[www_https]
privilege_mode = true
type = https
local_ip = 127.0.0.1
local_port = 443
custom_domains = www.npc0.com
use_encryption = true
use_compression = true
proxy_protocol_version = v2nginx配置:
listen 80 proxy_protocol;
listen 443 ssl proxy_protocol http2;
set_real_ip_from 127.0.0.1;
real_ip_header X-Forwarded-For;
real_ip_recursive off;当然如果FRP服务端是你自己配置的,那么可以在FRP之前加个nginx,所有域名和相关证书在nginx中配置好,然后nginx代理到FRP的http端口(此处FRP的http务必不能用80和443端口);
nginx反向代理
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Frame-Options DENY;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:frp的端口;
}
文章评论
Very good post! We will be linking to this great content on our site. Sherilyn Kaiser Kwok
Utterly written subject matter, regards for selective information . Ainslie Glynn Grani
For the reason that the admin of this web site is working, no doubt very shortly it will be famous, due to its feature contents. Veriee Gasper Cedric