> For the complete documentation index, see [llms.txt](https://close.gitbook.io/yun-wei-bi-ji/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://close.gitbook.io/yun-wei-bi-ji/centos/tomcat/nginx-qian-duan-https-+tomcat-hou-duan-http-fei-80443-duan-kou-fan-xiang-dai-li-de-pei-zhi-fang-shi.md).

# nginx 前端https +tomcat 后端 http 非80、443端口反向代理的配置方式

前端nginx https +tomcat http 非80端口配置方式

**Nginx增加以下配置**

```bash
proxy_set_header Host host:host:server_port; 非80端口 ，用80端口时 不需要$server_port

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header X-Forwarded-Proto $scheme;        //主要加这个协议
```

**Tomcat server.xml配置**

```bash
<Engine name="Catalina" defaultHost="localhost">

位置： <Host ....中  />

<!-- 方法一： -->
    <Valve className="org.apache.catalina.valves.RemoteIpValve" protocolHeaderHttpsValue="https" remoteIpHeader="X-Forwarded-For" protocolHeader="X-Forwarded-Proto" />

<!-- 方法二： -->
      <Valve className="org.apache.catalina.valves.RemoteIpValve"
             remoteIpHeader="X-Forwarded-For"
             protocolHeader="X-Forwarded-Proto"
             protocolHeaderHttpsValue="https"  httpsServerPort="7001"/> 非80端口时，必须增加httpsServerPort配置，不然request.getServerPort()方法返回 443.
</Engine>
```

**例如：**

```bash
upstream backend {
        hash $remote_addr consistent;
        server 192.168.1.41:4444 max_fails=3 fail_timeout=10s;
        server 192.168.1.41:5555 max_fails=3 fail_timeout=10s;
} 



server {
       listen 80;
       listen 443 ssl http2;
       server_name 304350.com;

        #HTTP_TO_HTTPS_END
        ssl_certificate    /ssl/fullchain.pem;
        ssl_certificate_key    /ssl/privkey.pem;
        ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
        ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:10m;
        ssl_session_timeout 10m;
        add_header Strict-Transport-Security "max-age=31536000";
        error_page 497  https://$host$request_uri;
        #SSL-END


       location / {
           proxy_pass http://backend;
           proxy_set_header Host $http_host;
           proxy_set_header X-Real-IP $remote_addr;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header X-Forwarded-Proto $scheme;
       }
       
        # 防止静态资源找不到
       location ~ .* {
           proxy_pass http://backend;
           proxy_set_header Host $http_host;
           proxy_set_header X-Real-IP $remote_addr;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header X-Forwarded-Proto $scheme;
       }

       location ~ .*\.(gif|jpg|jpeg|bmp|png|ico|txt|js|css)$ {
            expires      12h;
        }

       location ~ .*\.war$ {
              return 404;
          }


      location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
          expires      30d;
          error_log off;
          access_log /dev/null;
      }
      
      location ~ .*\.(js|css)?$ {
          expires      12h;
          error_log off;
          access_log /dev/null; 
      }
}
```

**tomcat**

```bash
      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true">
            <!-- 添加这行
                <Valve className="org.apache.catalina.valves.RemoteIpValve" protocolHeaderHttpsValue="https" remoteIpHeader="X-Forwarded-For" protocolHeader="X-Forwarded-Proto" />
            -->
            <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix="localhost_access_log" suffix=".txt"
               pattern="%h %l %u %t &quot;%r&quot; %s %b" />
               <!-- path是访问路径， docBase是项目实际路径-->
          <Context crossContext="true" path="/"  docBase="./xxxx" reloadable="true" />
      </Host>
```


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://close.gitbook.io/yun-wei-bi-ji/centos/tomcat/nginx-qian-duan-https-+tomcat-hou-duan-http-fei-80443-duan-kou-fan-xiang-dai-li-de-pei-zhi-fang-shi.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.