之前的文章介绍过宝塔端反代homepage主页的办法,服务器内网穿透+个人导航页搭建+宝塔反代+ssl一站式教学,但当时有个“小”问题:使用宝塔端nginx反代后,homepage背景图,网页图标无法正确被加载,经常过很久才会更新出新的背景图,问题出在:Homepage 的 Service Worker 缓存机制与反向代理环境不兼容。当在域名结尾添加上:?cachebust=1时,则可以正常显示背景图
所以今天教大家修改宝塔端反代规则正确适配Service Worker 缓存机制
打开宝塔
①点击网站
②点击你homepage反代用的站点
③点击配置文件
④在配置文件内容处右击,选择全选
将下面的配置文件粘贴进去:
server
{
listen 80;
listen 443 ssl;
listen 443 quic;
http2 on;
server_name your-domain.com;
index index.php index.html index.htm default.php default.htm default.html;
root /www/wwwroot/your-domain.com;
#CERT-APPLY-CHECK--START
include /www/server/panel/vhost/nginx/well-known/your-domain.com.conf;
#CERT-APPLY-CHECK--END
include /www/server/panel/vhost/nginx/extension/your-domain.com/*.conf;
#SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则
#error_page 404/404.html; # 严格保留原始注释状态!
#HTTP_TO_HTTPS_START
set $isRedcert 1;
if ($server_port != 443) {
set $isRedcert 2;
}
if ( $uri ~ /\.well-known/ ) {
set $isRedcert 1;
}
if ($isRedcert != 1) {
rewrite ^(/.*)$ https://$host$1 permanent;
}
#HTTP_TO_HTTPS_END
ssl_certificate /www/server/panel/vhost/cert/your-domain.com/fullchain.pem;
ssl_certificate_key /www/server/panel/vhost/cert/your-domain.com/privkey.pem;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_tickets on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
add_header Alt-Svc 'quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"';
error_page 497 https://$host$request_uri;
#SSL-END
#ERROR-PAGE-START 错误页配置,可以注释、删除或修改
error_page 404 /404.html;
#error_page 502 /502.html;
#ERROR-PAGE-END
# === 核心:Homepage 反向代理 ===
# 放在 ERROR-PAGE-END 之后,PHP 配置之前
location / {
proxy_pass http://127.0.0.1:3000; # 修改为你的Homepage地址
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
# 修复资源路径
proxy_redirect http:// https://;
# 禁用缓存
proxy_cache off;
proxy_no_cache 1;
proxy_cache_bypass 1;
# 阻止PWA缓存
add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0";
add_header Pragma "no-cache";
add_header Expires 0;
# WebSocket支持
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;
proxy_buffering off;
}
# === 静态资源专项处理 ===
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|webp|woff2)$ {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect http:// https://;
# 短缓存 + 强制验证
expires 1h;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
# === 彻底禁用Service Worker ===
location = /service-worker.js { return 404; }
location ~ ^/workbox-.*\.js$ { return 404; }
#PHP-INFO-START PHP引用配置
include enable-php-00.conf;
#PHP-INFO-END
# === 关键:注释掉反向代理包含 ===
# 避免与上面的手动配置冲突
#include /www/server/panel/vhost/nginx/proxy/your-domain.com/*.conf;
#REWRITE-START URL重写规则引用
include /www/server/panel/vhost/rewrite/your-domain.com.conf;
#REWRITE-END
#禁止访问的文件或目录
location ~ ^/(\.user.ini|\.htaccess|\.git|\.env|\.svn|\.project|LICENSE|README.md)
{
return 404;
}
#一键申请SSL证书验证目录相关设置
location ~ \.well-known{
allow all;
}
#禁止在证书验证目录放入敏感文件
if ( $uri ~ "^/\.well-known/.*\.(php|jsp|py|js|css|lua|ts|go|zip|tar\.gz|rar|7z|sql|bak)$" ) {
return 403;
}
access_log /www/wwwlogs/your-domain.com.log;
error_log /www/wwwlogs/your-domain.com.error.log;
}文中所有的your-domain.com需替换成你自己的域名,修改完成后,点击保存即可
此时你再打开homepage背景图将会正确被加载
扫一扫
1597
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
