問題描述
Nginx 允許來自任何域的流量 (Nginx allow traffic from any domain)
我正在使用 nginx 作為代理服務器。我的應用程序有一個功能,用戶可以使用他們自己的域而不是我的域。為此,他們需要將他們的 CNAME 指向我的域。
這是我的 Nginx 配置
server {
server_name scan.mydomain.com anonymous.mydomain.com "";
access_log /etc/nginx/log/local‑wc.access.log;
error_log /etc/nginx/log/local‑wc.error.log;
location / {
root /var/www/html/qcg‑scanning‑frontend/dist/webapp/;
index index.html;
try_files $uri $uri/ /index.html;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X‑Real‑IP $remote_addr;
proxy_set_header X‑Forwarded‑For $proxy_add_x_forwarded_for;
proxy_set_header X‑Forwarded‑Protocol $scheme;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/anonymous.mydomain.com‑0001/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/anonymous.mydomain.com‑0001/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options‑ssl‑nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl‑dhparams.pem; # managed by Certbot
}
server {
if ($host = scan.mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = anonymous.mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name scan.mydomain.com anonymous.mydomain.com "";
listen 80;
return 404; # managed by Certbot
}
</code></pre>
當使用我的域 scan.mydomain 瀏覽時,此配置工作正常。 com 和 anonymous.mydomain.com 但使用像 new.example.com 這樣的任何指向域,它會給出 404 頁面(可能是由於 return 404 語句)。
對於 SSL,我使用lets‑encrypt certbot。
如何配置為
- 允許流量從所有 CNAME 指向的域到我的服務器?
-
參考解法
方法 1:
I used CaddyServer which is far better than nginx and satisfies all requirements.
Features of Caddy
- Support for third party domain CNAME pointing
- JSON based configuration
- API support for the configuration
- On‑demand TLS
- Default serves SSL/TLS to all the domains in the production server
- No hassle to install and manage SSL certificates for the domains.
參考文件