我想通过防火墙主机路由来自客户端的流量。处理流程如下:Client computer >>> my firewall host>> my web server.我遵循了tutorial,因为我也在Digitalocean上托管服务器。
我能够完成它。但是我的问题是,它可以完全访问由gunicorn驱动的django网站。当我卷曲防火墙的IP地址时,它将击中我的Web服务器并返回默认的nginx主页消息。
现在,我要返回django主页,而不是返回nginx默认页面。我尝试添加location / {proxy_pass: http://upstream_server },它返回了400个错误的请求。但是当我直接致电stage.example.com时,一切正常。
我的conf文件看起来像这样。
upstream example_app_server {
# fail_timeout=0 means we always retry an upstream even if it failed
# to return a good HTTP response (in case the Gunicorn master nukes a
# single worker for timing out).
server unix:/var/www/example.com/fend/run/examd.sock fail_timeout=0;
}
server {
server_name stage.example.com;
index index.html index.htm index.php;
location = /favicon.ico { access_log off; log_not_found off; }
access_log /var/www/example.com/logs/access.log;
error_log /var/www/example.com/logs/error.log;
client_max_body_size 20M;
location / {
include proxy_params;
proxy_pass http://example_app_server;
proxy_intercept_errors on;
uwsgi_read_timeout 500s;
keepalive_timeout 300;
}
listen 443 ssl; #
#other ssl pem, cert files follows
}
server {
listen xx.xxx.xxx.xxx:80;
server_name stage.exmaple.com;
location / {
proxy_set_header Host $host;
proxy_pass http://example_app_server;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
}
client_max_body_size 20M;
access_log /var/www/example.com/logs/pvwall.log;
error_log /var/www/example.com/logs/pvwallerror.log;
}
我想念什么?我希望客户端将xxx.xxx.xxx.xx:80卷曲,并使其击中我的django资源。