阻止扫描 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 server { listen 80 default_server; listen [::]:80 default_server; server_name _; return 444 ; } server { listen 443 ssl default_server; listen [::]:443 ssl default_server; server_name _; ssl_certificate /etc/nginx/certs/default_server.crt; ssl_certificate_key /etc/nginx/certs/default_server.key; return 444 ; }
功能:主要功能是将所有没有匹配到特定域名的请求直接拒绝,不提供任何服务。
server_name _;
的设置会将这个 server
块视为默认服务器,用来处理所有未在其他 server
块中定义的域名请求。
在这个配置中,所有未明确定义的域名请求都会被引导到这个默认的 server
块,然后立即返回状态码 444
,断开连接。
使用 Nginx proxy manage配置使用
docker-compose文件:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 version: '3' services: app: image: 'jc21/nginx-proxy-manager:latest' restart: unless-stopped environment: - TZ=Asia/Shanghai ports: - '80:80' - '81:81' - '443:443' volumes: - ./data:/data - ./letsencrypt:/etc/letsencrypt - ./nginx/block_scanners.conf:/etc/nginx/conf.d/block_scanners.conf - ./nginx/certs:/etc/nginx/certs
移动到docker-compose.yml文件所在的目录,在此目录下创建/nginx/block_scanners.conf
文件
把阻止扫描的配置复制到block_scanners.conf
这个文件中
申请自签证书
先安装openssl
1 2 sudo apt update sudo apt install openssl -y
再执行(确保当前在docker-compose.yml文件所在的目录)
1 openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./data/nginx/certs/default_server.key -out ./data/nginx/certs/default_server.crt
在生成过程中,会被提示输入一些信息,如国家、省份和组织。可以随意填写,或者直接回车,生成证书和密钥文件即可。
最后执行:
验证方法 使用 curl
命令 : 在服务器上,使用 curl
命令发送请求到 Nginx Proxy Manager 容器,指定一个不存在的域名(未在 Nginx Proxy Manager 中配置的域名),例如:
1 curl -I http://localhost -H "Host: nonexisting.domain.com"
当收到 curl: (52) Empty reply from server 表示服务器没有返回任何内容,这正是 return 444; 配置的预期结果。
代理docker hub pull https://blog.0031400.xyz/p/5
配置文件 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 server { listen [::]:80 ; server_name docker.yourdomain.com; location = / { return 404 ; } location /v2/ { proxy_pass https://registry-1.docker.io/v2/; proxy_set_header Host registry-1 .docker.io; more_set_headers 'WWW-Authenticate: Bearer realm="https://docker.yourdomain.com/auth/token", service="registry.docker.io"' ; proxy_redirect https://production.cloudflare.docker.com/ https://docker.yourdomain.com/production-cloudflare/; } location /auth/ { proxy_pass https://auth.docker.io/; proxy_set_header Host auth.docker.io; } location /production-cloudflare/ { proxy_pass https://production.cloudflare.docker.com/; proxy_set_header Host production.cloudflare.docker.com; } }
使用方法 1 2 3 4 /etc/docker/daemon.json { "registry-mirrors": ["https://docker.yourdomain.com"] }
代理github下载和git clone https://blog.0031400.xyz/p/4
nginx配置文件 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 server { listen [::]:80 ; server_name gh.yourdomain.com; location = / { return 404 ; } location /codeload/ { proxy_pass https://codeload.github.com/; proxy_set_header Host codeload.github.com; } location /objects-githubusercontent/ { proxy_pass https://objects.githubusercontent.com/; proxy_set_header Host objects.githubusercontent.com; } location /raw-githubusercontent/ { proxy_pass https://raw.githubusercontent.com/; proxy_set_header Host raw.githubusercontent.com; } location /gist/ { proxy_pass https://gist.github.com/; proxy_set_header Host gist.github.com; proxy_redirect https://gist.githubusercontent.com/ https://gh.yourdomain.com/gist-githubusercontent/; proxy_redirect https://codeload.github.com/ https://gh.yourdomain.com/codeload/; } location /gist-githubusercontent/ { proxy_pass https://gist.githubusercontent.com/; proxy_set_header Host gist.githubusercontent.com; } location / { proxy_pass https://github.com/; proxy_set_header Host github.com; proxy_redirect https://codeload.github.com/ https://gh.yourdomain.com/codeload/; proxy_redirect https://objects.githubusercontent.com/ https://gh.yourdomain.com/objects-githubusercontent/; proxy_redirect https://raw.githubusercontent.com/ https://gh.yourdomain.com/raw-githubusercontent/; } }
使用方法
项目分支源码https://github.com/gohugoio/hugo/archive/refs/heads/master.zip
https://gh.yourdomain.com/gohugoio/hugo/archive/refs/heads/master.zip
项目具体raw文件https://github.com/gohugoio/hugo/raw/refs/heads/master/README.md
https://gh.yourdomain.com/gohugoio/hugo/raw/refs/heads/master/README.md
release文件https://github.com/gohugoio/hugo/releases/download/v0.145.0/hugo_0.145.0_linux-amd64.tar.gz
https://gh.yourdomain.com/gohugoio/hugo/releases/download/v0.145.0/hugo_0.145.0_linux-amd64.tar.gz
release代码https://github.com/gohugoio/hugo/archive/refs/tags/v0.145.0.tar.gz
https://gh.yourdomain.com/gohugoio/hugo/archive/refs/tags/v0.145.0.tar.gz
git clone httpsgit clone https://github.com/gohugoio/hugo.git
git clone https://gh.yourdomain.com/gohugoio/hugo.git
gist rawhttps://gist.github.com/imba-tjd/d73258f0817255dbe77d64d40d985e76/raw/b7e9b1c0f86205ab4ebaab0ed652aa06e999075a/.Cloud.md
https://gh.yourdomain.com/gist/imba-tjd/d73258f0817255dbe77d64d40d985e76/raw/b7e9b1c0f86205ab4ebaab0ed652aa06e999075a/.Cloud.md
gist打包https://gist.github.com/imba-tjd/d73258f0817255dbe77d64d40d985e76/archive/b7e9b1c0f86205ab4ebaab0ed652aa06e999075a.zip
https://gh.yourdomain.com/gist/imba-tjd/d73258f0817255dbe77d64d40d985e76/archive/b7e9b1c0f86205ab4ebaab0ed652aa06e999075a.zip
代理civitai https://blog.0031400.xyz/p/6
配置 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 server { listen [::]:80 ; server_name civitai.yourdomain.com; location = / { return 404 ; } location / { proxy_pass https://civitai.com/; proxy_set_header Host civitai.com; proxy_ssl_server_name on ; proxy_redirect https://civitai-delivery-worker-prod.5ac0637cfd0766c97916cefa3764fbdf.r2.cloudflarestorage.com/ https://civitai.yourdomain.com/civitai-delivery-worker-prod-5ac0637cfd0766c97916cefa3764fbdf-r2/; } location /civitai-delivery-worker-prod-5ac0637cfd0766c97916cefa3764fbdf-r2/ { proxy_pass https://civitai-delivery-worker-prod.5ac0637cfd0766c97916cefa3764fbdf.r2.cloudflarestorage.com/; proxy_set_header Host civitai-delivery-worker-prod.5ac0637cfd0766c97916cefa3764fbdf.r2.cloudflarestorage.com; proxy_ssl_server_name on ; } }
使用方法 https://civitai.com/api/download/models/5581?type=Model&format=PickleTensor&size=full&fp=fp16
https://civitai.yourdomain.com/api/download/models/5581?type=Model&format=PickleTensor&size=full&fp=fp16
代理zilibrary 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 user nginx;worker_processes 1 ;error_log /var/log/nginx/error .log warn ;pid /var/run/nginx.pid;events { worker_connections 1024 ; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local ] "$request " ' '$status $body_bytes_sent "$http_referer " ' '"$http_user_agent " "$http_x_forwarded_for "' ; access_log /var/log/nginx/access.log main; sendfile on ; keepalive_timeout 65 ; include /etc/nginx/conf.d/*.conf ; server { listen 8543 ; listen [::]:8543 ; resolver 8.8.8.8 ipv6=off ; location / { resolver 8.8.8.8 ; proxy_pass https://z-library.sk; proxy_ssl_server_name on ; proxy_set_header Host z-library.sk; proxy_set_header X-Real-IP $remote_addr ; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ; proxy_redirect https://z-library.sk/ https://你的代理域名/; proxy_cookie_domain z-library.sk $host ; proxy_cookie_path / /; proxy_set_header Upgrade $http_upgrade ; proxy_set_header Connection "Upgrade" ; proxy_buffering off ; add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' ; add_header Access-Control-Allow-Headers 'Content-Type, Authorization, Cookie' ; add_header Access-Control-Allow-Credentials true ; proxy_hide_header X-Frame-Options; proxy_hide_header X-Content-Type-Options; proxy_hide_header X-XSS-Protection; proxy_pass_header Set-Cookie; } } }
谷歌 翻译 1 2 3 4 5 6 7 8 9 10 11 12 13 location / { proxy_pass https://translate.google.com/; proxy_redirect https://translate.google.com/ /; proxy_cookie_domain translate.google.com 你的域名; proxy_set_header User-Agent $http_user_agent; proxy_set_header Accept-Encoding ""; sub_filter_once off; add_header Cache-Control no-cache; sub_filter "http://translate.google.com" "http://你的域名"; sub_filter "https://translate.google.com" "https://你的域名"; add_header Strict-Transport-Security "max-age=31536000"; proxy_set_header Accept-Language "zh-CN"; }
翻译API 1 2 3 4 5 6 7 8 9 10 11 12 13 location / { proxy_pass https://translate.googleapis.com/; proxy_redirect https://translate.googleapis.com/ /; proxy_cookie_domain translate.googleapis.com 你的域名; proxy_set_header User-Agent $http_user_agent; proxy_set_header Accept-Encoding ""; sub_filter_once off; add_header Cache-Control no-cache; sub_filter "http://translate.googleapis.com" "http://你的域名"; sub_filter "https://translate.googleapis.com" "https://你的域名"; add_header Strict-Transport-Security "max-age=31536000"; proxy_set_header Accept-Language "zh-CN"; }