Nginx反代cloudflare站点报502或403错误解决办法

卡片描述
在一次安装aapanel面板的时候 发现下载文件的时候非常慢,于是我下载了脚本文件打开发现有

    echo "Selected download node..."
    nodes=(https://node.aapanel.com)

于是就开始了“反代之路”发现并没有那么简单,因为cloudflare默认屏蔽了Nginx的反代,直接用反代配置文件肯定报502或者403,捣鼓了一下,所以就有了今天这篇文章额教程~

本文使用 https://node.aapanel.com/ 作为反代目标站点

以下是宝塔&aapanel的Nginx默认反代配置文件

#PROXY-START/ location ^~ / { proxy_pass https://node.aapanel.com; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; # proxy_hide_header Upgrade; #Persistent connection related configuration add_header X-Cache $upstream_cache_status; #Set Nginx Cache set $static_filevY6oU8Aw 0; if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" ) { set $static_filevY6oU8Aw 1; expires 1m; } if ( $static_filevY6oU8Aw = 0 ) { add_header Cache-Control no-cache; } } #PROXY-END/

将上面的配置文件的$host改成你需要反代的目标网站

特别注意:
在添加反代的时候,格式是http(s)://node.aapanel.com 修改$host的时候仅需填写目标网站的域名即可 不需要写 http(s):// 和 / 否则会报400错误。

再加这个配置

#反代CF增加规则 proxy_ssl_name $host; #把$host改成目标域名 proxy_ssl_server_name on;

完整的 全局 Nginx反代配置文件如下:

#PROXY-START/ location ^~ / { proxy_pass https://node.aapanel.com; proxy_set_header Host node.aapanel.com; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; # proxy_hide_header Upgrade; #Persistent connection related configuration #反代CF增加规则 proxy_ssl_name node.aapanel.com; #把$host改成目标域名 proxy_ssl_server_name on; add_header X-Cache $upstream_cache_status; #Set Nginx Cache set $static_filevY6oU8Aw 0; if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" ) { set $static_filevY6oU8Aw 1; expires 1m; } if ( $static_filevY6oU8Aw = 0 ) { add_header Cache-Control no-cache; } } #PROXY-END/

方法二(推荐临时使用)

指定 路径(aapanel) 全局反代

# PROXY-START/ location /aapanel/ { # 去掉 /aapanel 前缀后再转发 rewrite ^/aapanel(/.*)$ $1 break; proxy_pass https://node.aapanel.com; proxy_set_header Host node.aapanel.com; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_ssl_name node.aapanel.com; proxy_ssl_server_name on; add_header X-Cache $upstream_cache_status; set $static_file9uY9s480 0; if ($uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$") { set $static_file9uY9s480 1; expires 1m; } if ($static_file9uY9s480 = 0) { add_header Cache-Control no-cache; } } # PROXY-END/

现在你就可以成功的反代cloudflare的站点了~

声明:本站所有文章,如无特殊说明或标注,均为本站原创发布。任何个人或组织,在未征得本站同意时,禁止复制、盗用、采集、发布本站内容到任何网站、书籍等各类媒体平台。如若本站内容侵犯了原著者的合法权益,可联系我们进行处理。