nginx反向代理设置标头主机出现404错误

Question

以下是我的反向代理配置。但是，当我添加proxy_set_header Host $host;时，出现了404错误。我不知道问题出在哪里。

user  www www;
worker_processes auto;
error_log  /home/wwwlogs/nginx_error.log  crit;
pid        /usr/local/nginx/logs/nginx.pid;
google_perftools_profiles /tmp/tcmalloc;
worker_rlimit_nofile 51200;

events
    {
        use epoll;
        worker_connections 51200;
        multi_accept on;
    }
http
    {
        include       mime.types;
        default_type  application/octet-stream;

        server_names_hash_bucket_size 128;
        client_header_buffer_size 32k;
        large_client_header_buffers 4 32k;
        client_max_body_size 50m;

        sendfile   on;
        tcp_nopush on;

        keepalive_timeout 60;

        tcp_nodelay on;

        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;
        fastcgi_buffer_size 64k;
        fastcgi_buffers 4 64k;
        fastcgi_busy_buffers_size 128k;
        fastcgi_temp_file_write_size 256k;

        gzip on;
        gzip_min_length  1k;
        gzip_buffers     4 16k;
        gzip_http_version 1.1;
        gzip_comp_level 2;
        gzip_types     text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/xml+rss;
        gzip_vary on;
        gzip_proxied   expired no-cache no-store private auth;
        gzip_disable   "MSIE [1-6]\.";

        server_tokens off;
        access_log off;

server
{
    listen 80 default_server;
    server_name _;
    index index.html index.htm index.php;
    root  /home/wwwroot/default;
    include enable-php.conf;
    location /nginx_status
    {
        stub_status on;
        access_log   off;
    }
    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
    {
        expires      30d;
    }
    location ~ .*\.(js|css)?$
    {
        expires      12h;
    }
    location ~ /.well-known {
        allow all;
    }
    location ~ /\.
    {
        deny all;
    }
    access_log  /home/wwwlogs/access.log;
}
include vhost/*.conf;

server
{
    listen 80;
    include /usr/local/nginx/conf/domains.txt;
    location /
    {
        proxy_set_header Host $host;# Got 404 with this
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_pass http://example.com/;
    }
    access_log  /home/wwwlogs/www_access.log;
}

}

/usr/local/nginx/conf/domains.txt的内容：

server_name example_A.com;

我运行curl -I http://example_A.com，得到了以下结果：

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Dec 2018 03:19:24 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Vary: Accept-Encoding
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.6
Set-Cookie: PHPSESSID=qurm52c7jltd0quhvqud58nd2d; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache

日志文件夹中没有错误日志。

我已经寻找了几个小时的解决方案，希望有人可以帮助我。

主机（example.com）上有两个域，当我添加proxy_set_header Host $host时，它将返回错误的网页。

最后，我找到了一种适合我的情况的方法，但仍然不知道原因。 我使用自定义变量X-Real-HOST而不是Host，并使用$_SERVER['HTTP_X_REAL_HOST']获取主机。

Answer 1

proxy_pass不会将主机更改为您要攻击的主机。

如果您使用foo.com到达此服务器并且代理传递给example.com，则example.com中的服务器将以Host =“ foo.com”而不是“ example.com”的身份接收连接。

您获得的404不是来自此配置，而是来自example.com配置。查看server_name $ host是否有可接受的配置。错误来自此处，但来自“ example.com”。