proxy_cache_path /home/wwwroot/www.php8.ltd/cache levels=1:2 keys_zone=my_cache_static:600m max_size=300g inactive=40960m use_temp_path=off;
server
{
listen 80;
#listen [::]:80;
server_name www.php8.ltd ;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/www.php8.ltd;
proxy_cache my_cache_static;
return 301 https://$server_name$request_uri;
access_log /home/wwwlogs/www.php8.ltd.log;
}
server
{
listen 443 ssl http2;
#listen [::]:443 ssl http2;
server_name www.php8.ltd ;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/www.php8.ltd;
ssl_certificate /usr/local/nginx/conf/ssl/www.php8.ltd/fullchain.cer;
ssl_certificate_key /usr/local/nginx/conf/ssl/www.php8.ltd/www.php8.ltd.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
ssl_session_cache builtin:1000 shared:SSL:10m;
# openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;
set $custom_PATH /HostLocMJJ;
set $custom_host "pass";
set $custom_host3 "/";
set $custom_host5 "/";
set $unopengzip 1; #对于强制开启压缩的网站开启替换 0 关, 1 开
if ($request_uri ~* ^\/(.+)\/((http|https)://(www.)?([\w-]+(\.)?)+)(.*?)$) {
set $custom_host $2;
set $custom_host3 $7;
}
if ($custom_host3 = ""){
set $custom_host3 "/";
}
if ($custom_host3 = " "){
set $custom_host3 "/";
}
if ($request_uri ~* ^\/(.+)\/((http|https)://(www.)?([\w-]+(\.)?)+)(.+)\?(.+)$) {
set $custom_host3 $7;
}
if ($request_uri ~* ^\/(.+)\/((ht|f)tps?):\/\/([\w\-]+(\.[\w\-]+)*)$) {
return 301 $custom_PATH/$custom_host/;
}
set $custom_host2 "www.baidu.com";
if ($custom_host ~* ^((http|https)://)((www.)?([\w-]+(\.)?)+)$) {
set $custom_host2 $3;
set $custom_host5 $1;
}
set $referer $custom_host;
if ($http_referer ~* ^((http|https)://)(.*?)\/(.+)\/((http|https)://)(.*?)$) {
set $referer $5$7;
}
set $current "http://";
if ($scheme = https) {
set $current "https://";
}
set $referer2 "";
if ($referer ~* ^((http|https)://(www.)?([\w-]+(\.)?)+)(.*?)$) {
set $referer2 $1;
}
set $root_domain ".php8.ltd";
set $myroot_domain ".php8.ltd";
if ($referer2 ~* (?:\w+\.)*?(\w*\.(.+))[\\\/]*) {
set $root_domain $2;
}
if ($host ~* (?:\w+\.)*?(\w*\.(.+))[\\\/]*) {
set $myroot_domain $2;
}
if ($root_domain = ".php8.ltd"){
set $root_domain "${custom_host2}";
}
if ($host ~* "(((2[0-4]\d|25[0-5]|[01]?\d\d?)\.){3}(2[0-4]\d|25[0-5]|[01]?\d\d?))") {
set $myroot_domain $host;
}
proxy_hide_header content-security-policy;
location /HostLocMJJ/ {
proxy_set_header x-forwarded-for "";
proxy_set_header X-Real-IP "";
proxy_set_header X-Forwarded-For "";
proxy_set_header cf-connecting-ip "";
proxy_set_header True-Client-IP "";
set $ishttp "http";
if ($custom_host5 = https://) {
set $ishttp "https";
}
proxy_ssl_server_name on;
proxy_set_header X-Forwarded-Proto $ishttp;
if ($unopengzip = 1) {
set $custom_host2 $host;
}
proxy_set_header Host $custom_host2;
proxy_cache_key $host$uri$is_args$args;
proxy_headers_hash_max_size 512;
proxy_pass_header Server;
proxy_headers_hash_bucket_size 128;
proxy_buffer_size 64k;
proxy_buffers 32 64k;
proxy_busy_buffers_size 128k;
proxy_set_header Cookie $http_cookie;
proxy_cache_methods GET;
proxy_cache_methods POST;
proxy_cache_methods HEAD;
proxy_redirect $upstream_http_location "$current$host$custom_PATH/$upstream_http_location";
if ($unopengzip = 1) {
set $referer $http_referer;
}
proxy_set_header Referer $referer;
proxy_set_header User-Agent $http_user_agent;
# 防止谷歌返回压缩的内容,因为压缩的内容无法替换字符串
proxy_set_header Accept-Encoding "";
proxy_connect_timeout 15000;
proxy_send_timeout 15000;
proxy_read_timeout 15000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_cache_valid 200 304 301 1s;
add_header MJJCDN-Cache "$upstream_cache_status";
# proxy_temp_file_write_size 512000k;
resolver 1.1.1.1; #改为自己想要的DNS
sub_filter_types text/plain text/javascript text/xml text/css application/x-javascript application/xml application/javascript;
sub_filter_once off;
proxy_temp_file_write_size 512000k;
sub_filter "url(http" "url($current$host$custom_PATH/http";
sub_filter "<head" '<base href="$current$host$custom_PATH/$custom_host/" /><head';
sub_filter '\'https://' '\'$current$host$custom_PATH/https://';
sub_filter '\'http://' '\'$current$host$custom_PATH/https://';
sub_filter '\"https://' '\"$current$host$custom_PATH/https://';
sub_filter '\"http://' '\"$current$host$custom_PATH/https://';
sub_filter "=\"//" '="$current$host$custom_PATH/https://';
sub_filter '="/' '="$current$host$custom_PATH/$custom_host/';
sub_filter "='//" "='$current$host$custom_PATH/https://";
sub_filter "='/" "='$current$host$custom_PATH/$custom_host/";
sub_filter '="/search' '"search';
sub_filter '"/images' '"images';
sub_filter ', /images' ', images';
sub_filter 'integrity' ', kkkk';
sub_filter '../' '$current$host$custom_PATH/$custom_host/../';
sub_filter "'http://$custom_host2" "'$current$host$custom_PATH/$custom_host";
sub_filter "'https://$custom_host2" "'$current$host$custom_PATH/$custom_host";
sub_filter "\"http://$custom_host2" "\"$current$host$custom_PATH/$custom_host";
sub_filter "\"https://$custom_host2" "\"$current$host$custom_PATH/$custom_host";
set $myurl1 "";
set $myurl2 "";
add_header Proxy-Cache2 "1";
sub_filter '".$root_domain' '".$myroot_domain';
sub_filter '"$root_domain' '"$myroot_domain';
if ($request_uri ~* ^\/(.+)\/((http|https)://(www.)?([\w-]+(\.)?)+)(.*?)$) {
set $myurl2 "${current}127.0.0.1${custom_PATH}/${custom_PATH}/${custom_host}";
}
if ($unopengzip = 0) {
set $myurl1 $custom_host;
}
if ($unopengzip = 1) {
set $myurl1 $myurl2;
}
if ($request_uri ~* ^\/(.+)\/((http|https)://(www.)?([\w-]+(\.)?)+)(.*?)$) {
proxy_pass $myurl1$7;
}
}
location /HostLocMJJ/HostLocMJJ/ {
# proxy_connect_timeout 100s;
# add_header Content-Security-Policy "default-src 'self' https://$host http://$host 'unsafe-inline' 'unsafe-eval' blob: data: ;";
proxy_set_header x-forwarded-for "";
proxy_set_header X-Real-IP "";
proxy_set_header X-Forwarded-For "";
proxy_set_header cf-connecting-ip "";
proxy_set_header True-Client-IP "";
set $ishttp "http";
if ($custom_host5 = https://) {
set $ishttp "https";
}
gzip on;
gzip_http_version 1.0;
proxy_ssl_server_name on;
proxy_set_header X-Forwarded-Proto $ishttp;
proxy_set_header Host $custom_host2;
proxy_cache_key $host$uri$is_args$args;
proxy_headers_hash_max_size 512;
proxy_pass_header Server;
proxy_headers_hash_bucket_size 128;
proxy_buffer_size 64k;
proxy_buffers 32 64k;
proxy_busy_buffers_size 128k;
proxy_set_header Cookie $http_cookie;
proxy_cache_methods GET;
proxy_cache_methods POST;
proxy_cache_methods HEAD;
proxy_redirect $upstream_http_location "$current$host$custom_PATH/$upstream_http_location";
proxy_set_header Referer $referer;
proxy_set_header User-Agent $http_user_agent;
# 防止谷歌返回压缩的内容,因为压缩的内容无法替换字符串
proxy_set_header Accept-Encoding "";
proxy_connect_timeout 15000;
proxy_send_timeout 15000;
proxy_read_timeout 15000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_cache_valid 200 304 301 1s;
add_header MJJCDN-Cache "$upstream_cache_status";
add_header Proxy-Cache "1";
# proxy_temp_file_write_size 512000k;
resolver 1.1.1.1; #改为自己想要的DNS
proxy_temp_file_write_size 512000k;
if ($request_uri ~* ^\/(.+)\/((http|https)://(www.)?([\w-]+(\.)?)+)(.*?)$) {
proxy_pass $custom_host$7;
}
}
error_log /home/wwwlogs/php8.log;
access_log /home/wwwlogs/www.php8.ltd.log;
}github项目链接:https://github.com/linwoodpendleton/nginx_proxy_conf
1:24更新:
支持反代CF github.com
测试:
https://www.php8.ltd/HostLocMJJ/http://news.baidu.com/(不定时开放)
https://www.php8.ltd/HostLocMJJ/https://github.com/ElderDrivers/EdXposed(不定时开放)
5.4 10:32更新
支持中文维基
301跟随,有301不会再跳出
5.4 15:51更新
支持自定义路径 替换HostLocMJJ 为你自己的路径即可 有两处
修复了一些已知问题
5.4 22:54更新
修复301BUG和一些已知问题。
5.5 18:16 更新
解决套CF 后还是能获取客户端IP
解决因正则导致的500错误
5.5 22:30更新
修复git clone 无法使用
修复一些已知问题
5.6 21:46更新
修复目标站开启强制gzip 无法替换文本问题 set $unopengzip 0; #对于强制开启压缩的网站开启替换 0 关, 1 开 影响效率
增加一个伪装站。 修改www.qq.com即可
5.6 23:16更新
修复无法获取来源错误
二次反代改为127.0.0.1了
没有回复内容