注意事项

• 保护conf配置目录，避免被非法访问
• 站点运行目录为public

#PROXY-START/
location / {
  try_files $uri @backend;
}

#禁止访问的文件或目录
location ~ ^/(\.user.ini|\.htaccess|\.git|\.env|\.svn|\.project|LICENSE|README.md|conf)
{
  return 404;
}

location @backend
{
  proxy_pass http://127.0.0.1:8181;
  proxy_set_header Host $host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-Proto $scheme;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header REMOTE-HOST $remote_addr;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection $connection_upgrade;
  proxy_http_version 1.1;
  # proxy_hide_header Upgrade;

  add_header X-Cache $upstream_cache_status;

  #Set Nginx Cache
  set $static_fileQPrrHsvk 0;
  if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" )
  {
      set $static_fileQPrrHsvk 1;
      expires 1m;
  }
  if ( $static_fileQPrrHsvk = 0 )
  {
    add_header Cache-Control no-cache;
  }
}
#PROXY-END/

版权属于：大卫科技Blog

本文链接：http://www.iyuu.cn/archives/513/

转载时须注明出处