nginx sets anonymous http forward proxy

I haven’t written a blog for a long time. When I encounter difficulties, I can always find some articles written by experts on the Internet to solve my problems. In the past, because I had many things to do, I was just a taker. When I have time, I will try to write more blogs and write down the solutions to the problems I encountered on the blog and share them with everyone. As a feedback, I also hope that everyone will Whenever you have time, you can write a blog about the problems you usually encounter and share them with more people, so that everyone can avoid detours.

I have been studying the forward proxy of nginx in the past two days and want to build an http proxy server through nginx. I found this article on the website (http://www.cnblogs.com/inteliot/archive/2013/01/11/2855907 .html):

Configure Nginx Http Proxy proxy server, which has the same function as [Squid] and is suitable for forward proxy Http website. 1. Nginx forward proxy configuration file:

server {
    resolver 8.8.8.8;
    resolver_timeout 5s;
 
    listen 0.0.0.0:8080;
 
    access_log  /home/reistlin/logs/proxy.access.log;
    error_log   /home/reistlin/logs/proxy.error.log;
 
    location / {
        proxy_pass $scheme://$host$request_uri;
        proxy_set_header Host $http_host;
 
        proxy_buffers 256 4k;
        proxy_max_temp_file_size 0;
 
        proxy_connect_timeout 30;
 
        proxy_cache_valid 200 302 10m;
        proxy_cache_valid 301 1h;
        proxy_cache_valid any 1m;

<span>#allow 127.0.0.1;
            #deny all;</span>

<pre class="brush:php;toolbar:false">    }
}

2. Nginx forward proxy configuration instructions: 1. Configure DNS resolution IP address, such as Google Public DNS, and timeout (5 seconds ).

resolver 8.8.8.8;
resolver_timeout 5s;

2, configure the forward proxy parameters, which are all composed of Nginx variables. The proxy_set_header part of the configuration is to solve the Nginx 503 error if there is a "." (dot) in the URL.

proxy_pass $scheme://$host$request_uri;
proxy_set_header Host $http_host;

3. Configure cache size, turn off disk cache reading and writing to reduce I/O, and proxy connection timeout.

proxy_buffers 256 4k;
proxy_max_temp_file_size 0;
proxy_connect_timeout 30;

4, configure proxy server Http status cache time.

proxy_cache_valid 200 302 10m;
proxy_cache_valid 301 1h;
proxy_cache_valid any 1m;

Three, proxy Https websites are not supported Because Nginx does not support CONNECT, so cannot forward proxy Https websites (online banking, Gmail).
If you visit an HTTPS website, such as: https://www.google.com, the Nginx access.log log is as follows:

"CONNECT www.google.com:443 HTTP/1.1" 400

The author's writing is great. However, I encountered problems during the configuration process. The configured proxy access page all reported 404 (my nginx version: 1.2). Later I found that I needed to change proxy_pass:

proxy_pass $scheme://$host$request_uri;

to:

proxy_pass $scheme://$http_host$request_uri;

That’s it. In addition, I added IP restrictions. If you need, you can just open the above comments:

allow 127.0.0.1;
deny all;

It has been verified that the above code can be used. The code obtained on the server side is as follows, but I don’t know why it brought a proxy-connection. This can only be regarded as ordinary anonymity, not advanced anonymity:

head info:{content-type=application/x-www-form-urlencoded; charset=UTF-8, c content-length=42, user-agent=Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 ( KHTML, like Gecko) Chrome/40.0.2214.111 Safari/537.36, proxy-c/pre><br>
                
                
                <p>
                    The above introduces nginx to set up anonymous http forward proxy, including the relevant content. I hope it will be helpful to friends who are interested in PHP tutorials. </p>
                <p>
                    </p>