标签:off ssl 配置 header server nginx proxy timeout jumpserver
server {
listen 80;
# listen [::]:80;
# server_name demo.jumpserver.org; # ................................................
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
# listen [::]:443 ssl;
# server_name demo.jumpserver.org; # ................................................
server_tokens off;
ssl_certificate cert/server.crt; # ...... server.crt ..............., ............... certs/
ssl_certificate_key cert/server.key; # ...... server.key ..............., ............... certs/
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE:!DES:!ECDHE-RSA-DES-CBC3-SHA;
add_header Strict-Transport-Security "max-age=31536000" always;
ssl_prefer_server_ciphers off;
client_max_body_size 4096m;
location / {
proxy_pass http://http_server;
proxy_buffering off;
proxy_request_buffering off;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_ignore_client_abort on;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 6000;
}
}
标签:off,ssl,配置,header,server,nginx,proxy,timeout,jumpserver 来源: https://www.cnblogs.com/yzgblogs/p/15704098.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。