同时我添加了DV测试SSL证书。
但是超过几个小时后就会变成这样:
502 Bad Gateway
nginx
当我尝试在「server字段」添加上述代码,保存更改后报错如下:
error:
nginx: [warn] could not build optimal proxy_headers_hash, you should increase either proxy_headers_hash_max_size: 512 or proxy_headers_hash_bucket_size: 64; ignoring proxy_headers_hash_bucket_size
nginx: [warn] could not build optimal proxy_headers_hash, you should increase either proxy_headers_hash_max_size: 512 or proxy_headers_hash_bucket_size: 64; ignoring proxy_headers_hash_bucket_size
nginx: [emerg] duplicate location "/" in /www/server/panel/vhost/nginx/hanhandisk.kenblogwebsite.com.conf:71
nginx: configuration file /www/server/nginx/conf/nginx.conf test failed
如下是「server字段」全文:
server
{
listen 80;
listen 443 ssl http2;
server_name This is My Domain 这是域名;
index index.php index.html index.htm default.php default.htm default.html;
root /www/wwwroot/HanHanCloud;
#CERT-APPLY-CHECK--START
# 用于SSL证书申请时的文件验证相关配置 -- 请勿删除
include /www/server/panel/vhost/nginx/well-known/This is My Domain 这是域名.conf;
#CERT-APPLY-CHECK--END
#SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则
#error_page 404/404.html;
#HTTP_TO_HTTPS_START
if ($server_port !~ 443){
rewrite ^(/.*)$ https://This is My Domain 这是域名 permanent;
}
#HTTP_TO_HTTPS_END
ssl_certificate /www/server/panel/vhost/cert/hanhanThis is My Domain 这是域名/fullchain.pem;
ssl_certificate_key /www/server/panel/vhost/cert/This is My Domain 这是域名/privkey.pem;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
#SSL-END
#ERROR-PAGE-START 错误页配置,可以注释、删除或修改
#error_page 404 /404.html;
#error_page 502 /502.html;
#ERROR-PAGE-END
#PHP-INFO-START PHP引用配置,可以注释或修改
#清理缓存规则
location ~ /purge(/.*) {
proxy_cache_purge cache_one $host$1$is_args$args;
access_log /www/wwwlogs/This is My Domain 这是域名_purge_cache.log;
}
#引用反向代理规则,注释后配置的反向代理将无效
include /www/server/panel/vhost/nginx/proxy/This is My Domain 这是域名.com/*.conf;
include enable-php-00.conf;
#PHP-INFO-END
#REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效
include /www/server/panel/vhost/rewrite/This is My Domain 这是域名.com.conf;
#REWRITE-END
#禁止访问的文件或目录
# location ~ ^/(\.user.ini|\.htaccess|\.git|\.env|\.svn|\.project|LICENSE|README.md)
# {
# return 404;
# }
# #一键申请SSL证书验证目录相关设置
# location ~ \.well-known{
# allow all;
# }
#禁止在证书验证目录放入敏感文件
if ( $uri ~ "^/\.well-known/.*\.(php|jsp|py|js|css|lua|ts|go|zip|tar\.gz|rar|7z|sql|bak)$" ) {
return 403;
}
access_log /www/wwwlogs/This is My Domain 这是域名.com.log;
error_log /www/wwwlogs/This is My Domain 这是域名.com.error.log;
}
——————————————————————
以下是英语翻译,不用重复查看:
I am sorry that my English is not good, so I can not give native english-speaking users a better reading experience, sorry in advance.
After using the BT Linux panel to add a reverse proxy, it is not added under the server field of the web site
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://127.0.0.1:5212;
# If you are using a local storage policy, remove the next line comment and change the size to the theoretical maximum file size
# client_max_body_size 20000m;
}
It is initially accessible as normal, but can also be partially set up using only the reverse proxy settings that come with the BT panel as shown in the figure.
I also added the DV test SSL certificate.
But after a few hours, it's like this:
502 Bad Gateway
nginx
When I try to add the above code in the server field, save the changes and report the following error:
error:
nginx: [warn] could not build optimal proxy_headers_hash, you should increase either proxy_headers_hash_max_size: 512 or proxy_headers_hash_bucket_size: 64; ignoring proxy_headers_hash_bucket_size
nginx: [warn] could not build optimal proxy_headers_hash, you should increase either proxy_headers_hash_max_size: 512 or proxy_headers_hash_bucket_size: 64; ignoring proxy_headers_hash_bucket_size
nginx: [emerg] duplicate location "/" in /www/server/panel/vhost/nginx/hanhandisk.kenblogwebsite.com.conf:71
nginx: configuration file /www/server/nginx/conf/nginx.conf test failed
`
Here is the full text of the“Server Field”:
server
{
listen 80;
listen 443 ssl http2;
Server This is My Domain
index index.php index.html index.htm default.php default.htm default.html;
root /www/wwwroot/HanHanCloud;
CERT-APPLY-CHECK--START
configuration for file validation for SSL certificate requests-do not delete
Include/WWW/server/panel/vhost/NGINX/well-known/This is My Domain. Conf;
CERT-APPLY-CHECK--END
SSL-START SSL-related configuration, do not delete or modify the next line of annotated rule 404
#error_page 404/404.html;
#HTTP_TO_HTTPS_START
if ($server_port !~ 443){
使用宝塔面板添加反向代理后,没有在网站的server字段下添加
在刚开始的时候可以正常进行访问,也能使用部分,仅在如图所示BT面板自带的反向代理设置进行设置。
同时我添加了DV测试SSL证书。 但是超过几个小时后就会变成这样: 502 Bad Gateway nginx
当我尝试在「server字段」添加上述代码,保存更改后报错如下:
如下是「server字段」全文:
——————————————————————
以下是英语翻译,不用重复查看:
I am sorry that my English is not good, so I can not give native english-speaking users a better reading experience, sorry in advance.
After using the BT Linux panel to add a reverse proxy, it is not added under the server field of the web site
It is initially accessible as normal, but can also be partially set up using only the reverse proxy settings that come with the BT panel as shown in the figure.
I also added the DV test SSL certificate. But after a few hours, it's like this: 502 Bad Gateway nginx
When I try to add the above code in the server field, save the changes and report the following error:
server { listen 80; listen 443 ssl http2; Server This is My Domain index index.php index.html index.htm default.php default.htm default.html; root /www/wwwroot/HanHanCloud;
CERT-APPLY-CHECK--START
configuration for file validation for SSL certificate requests-do not delete
Include/WWW/server/panel/vhost/NGINX/well-known/This is My Domain. Conf;
CERT-APPLY-CHECK--END
SSL-START SSL-related configuration, do not delete or modify the next line of annotated rule 404
Rewrite ^ (. *) $https://this is My Domain }
HTTP_TO_HTTPS_END
SSL/WWW/server/panel/vhost/CERT/hanhanThis is My Domain/fullchain. PEM; SSL/WWW/server/panel/vhost/CERT/This is My Domain/privkey. PEM; ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; add_header Strict-Transport-Security "max-age=31536000"; error_page 497 https://$host$request_uri;
ERROR-PAGE-START error page configuration that can be commented, deleted, or modified
PHP-INFO-START PHP reference configuration can be commented or modified
Clean up cache rules
Access/WWW/wwwlogs/This is My Domain. Log; }
reference the reverse proxy rule, the reverse proxy configured after comment will be invalid
Include/WWW/server/panel/vhost/NGINX/proxy/This is My Domain. Com/* . Conf;
REWRITE-START URL rewrite rule references, which will invalidate the pseudo-static rule for panel settings
Include/WWW/server/panel/vhost/rewrite/This is My Domain. Com. Conf;
REWRITE-END
A file or directory that is not accessible
location ~ ^/(.user.ini|.htaccess|.git|.env|.svn|.project|LICENSE|README.md)
one-click application SSL Certificate Verification Directory related settings
disallow sensitive files in the certificate verification directory
Access/WWW/wwwlogs/This is My Domain. Com. Log; Error/WWW/wwwlogs/This is My Domain. Com. Error. Log; }