КОНФА энджинкса
server {
listen 80;
server_name ********.ru;
return 301 https://******.ru$request_uri;
}
server {
listen 443;
server_name ********.ru;
ssl on;
ssl_certificate /etc/letsencrypt/live/********.ru;/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/********.ru;/privkey.pem; # managed by Certbot
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # dont use SSLv3 ref: POODLE
access_log /var/log/nginx/********.ru;.log;
error_log /var/log/nginx/********.ru;-error.log;
location / {
proxy_pass http://10.168.20.44;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection «upgrade»;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
# proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
proxy_set_header X-Forward-Proto http;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
proxy_set_header Scheme $scheme;
# proxy_set_header Host $host;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-Proto $scheme;
}
}
На апаче
Add apache remoteip mod with
a2enmod remoteip
create a new conf file for Apache
vim /etc/apache2/conf-available/remoteip.conf
and add
RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy 127.0.0.1
Add active this conf with
a2enconf remoteip
restart apache
service apache2 restart
Конфиг апача
<VirtualHost *:80>
ServerAdmin admin@******.ru
ServerName ******.ru
ServerAlias www.******.ru
DocumentRoot /var/www/*******
ErrorLog ${APACHE_LOG_DIR}/******.ru.ru_error.log
CustomLog ${APACHE_LOG_DIR}/******.ru_access.log combined
SetEnvIf Scheme https HTTPS=on
</VirtualHost>
<VirtualHost *:80>
ServerAdmin admin@******.ru
ServerName 192.168.66.57
#ServerAlias www.******.ru
DocumentRoot /var/www/******
ErrorLog ${APACHE_LOG_DIR}/******.ru_error.log
CustomLog ${APACHE_LOG_DIR}/******.ru_access.log combined
SetEnvIf Scheme https HTTPS=on
</VirtualHost>