nginx配置 laravel 支持

nginx配置

源地址 note.youdao.com/share/?id=cb2806d2...

ssl的配置

 
ssl on;
ssl_certificate /usr/local/nginx/ssl.crt;
ssl_certificate_key /usr/local/nginx/ssl.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;

配置thinkphp项目的过滤

 
# 文件位置 ./conf/filter_thinkphp
#防注入
set $str &$query_string;
#thinkphp的模块名,控制器名,方法名不能包含特殊字符,且不能超过30个字符
if ($str ~* "&(g|m|a)=[^&]{0,}[^a-zA-Z0-9_&]") {
    return 403;
}
if ($str ~* "&(g|m|a)=[^&]{30,}") {
    return 403;
}
#请求的地址中不能有..
if ($str ~* "\.\.") {
    return 403;
}
#请求的地址中不能有 ./. 或 .\.
if ($str ~* "(\./\.|\.\\\.)") {
    return 403;
}
#漏洞屏蔽(thinkcmf中有) https://xz.aliyun.com/t/6626?spm=a2c4g.11174386.n2.4.9cc31051EvLkaF
#请求的地址中不能有 templateFile 参数
if ($str ~* "&templateFile=") {
    return 403;
}
# 主配置文件 ./conf/nginx.conf 格式如下
http {
    server {
        listen          80;
 
        include conf/filter_thinkphp;
 
        location ~ \.php$ {
            root   "E:/wamp/www";
            #有些人很聪明,访问 http://***/tupian.jpg/index.php 这种路径, php-fpm从5.3.9开始，php官方加入了一个配置"security.limit_extensions"，默认状态下只允许执行扩展名为".php"的文件  
            #但windows服务器都是用php-cgi 这就有问题了  
            #php找文件从路径开头逐个/查找,结果找到.jpg文件存在，作为php脚本执行,但是url请求的脚本文件是index.php所以这里判断下文件是否存在,不存在拒绝  
            if (!-e $request_filename) {return 403;}
            #部分文件格式不允许下载  
            if ($request_filename ~* "\.(zip|gz|rar|sql|gitignore|git|htaccess)$") {return 403;}
            #有些人很聪明,插件里面放自己的脚本文件 http://***/public/abc.php ,    因为自己用的框架只有1个入口文件,和自己加的admin.php入口文件,所以过滤其他的脚本文件  
            if ($fastcgi_script_name !~* "^/(index\.php|admin\.php)$") {return 403;}
            #当然 可以用下面的正则做过滤 2选1 即可
#            if ($fastcgi_script_name !~* "^/[a-zA-Z0-9_-]+\.php$") {
#                return 403;
#            }
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        conf/fastcgi_params;
            fastcgi_connect_timeout 75;
            fastcgi_send_timeout 300;
            fastcgi_read_timeout 600;
            fastcgi_buffer_size 64k;
            fastcgi_buffers 8 64k;}
 
        location / {
            root    "E:/wamp/www";
            index   index.php;
 
            if (!-e $request_filename) {
                rewrite ^/(.*)$ /index.php?$1 last;}
            location ~ \.(gif|jpg|jpeg|png|bmp|swf)$ {
                expires 30d;}
            location ~ \.(js|css)$ {
                expires 10d;}}}
}

配置二级目录的laravel项目

 
http {
    server {
        listen          80;
 
        location = /kf2 {
            rewrite ^/kf2$ /kf2/ redirect;}
        location /kf2/ {
            #进入项目
            root    "E:\wamp\www\laravle\public";set $web_pre /kf2;
            index   index.php;
            #赋值自定义的uri  
            set $real_uri $uri;if ( $uri ~ /kf2/(.*)$ ) {set $real_uri $1;}
            #静态资源优先  
            if ( $real_uri ~ \.(gif|jpg|jpeg|png|bmp|swf|js|css|wmv|ogg|woff2|woff|ttf|html|eot|mp4|ico)$ ) {
                rewrite .* /$real_uri break;
                expires 30d;break;}
            # php脚本
            fastcgi_index  index.php;set $real_uri index.php;
            include        conf/fastcgi_params;set $fastcgi_script_name_real /$real_uri;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name_real;
            fastcgi_param  SCRIPT_NAME        $web_pre/$real_uri;
            fastcgi_param  DOCUMENT_URI       $web_pre/$real_uri;
            fastcgi_connect_timeout 75;
            fastcgi_send_timeout 300;
            fastcgi_read_timeout 100;
            fastcgi_buffer_size 64k;
            fastcgi_buffers 8 64k;if ( $real_uri ) {
                fastcgi_pass   127.0.0.1:9000;break;}return 404;}}
}

配置二级目录的 thinkphp 项目

 
http {
    server {
        listen          8290;
        ssl_certificate   conf/ssl/ssl.crt;
        ssl_certificate_key  conf/ssl/ssl.key;
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
 
        server_name     _;
        client_max_body_size 100M;
        client_body_timeout 1m;
        error_page  404              /404.html;
        error_page   500 502 503 504  /50x.html;
 
        root   "E:/YS/wamp/www/GIT";
        index  index.html index.htm index.php;
 
        error_log  logs/error.8290.log  info;
 
        location = /50x.html {
            root   html;}
 
        # 8290 统一解析php文件
        include conf/denied.files.ys;
        include conf/filter.thinkphp.ys;
 
        location ~ \.php$ {if ($fastcgi_script_name !~* "^/[\/a-zA-Z0-9_-]+\.php$") {return 403;}
            fastcgi_pass   127.0.0.1:9003;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        conf/fastcgi_params;
            fastcgi_connect_timeout 75;
            fastcgi_send_timeout 300;
            fastcgi_read_timeout 600;
            fastcgi_buffer_size 64k;
            fastcgi_buffers 8 64k;}
 
        # king 8290
        location /king/ {
            #进入项目  
            #赋值自定义的uri  
            if (!-e $request_filename) {
                rewrite ^/king/index.php(.*)$ /king/index.php?s=$1 last;
                rewrite ^/king/(.*)$ /king/index.php?s=$1 last;}}}
}

laravel 过滤url的配置

 
# 文件位置 ./conf/filter.laravel.ys
# 下面内容 在 server{} 中
 
# 资源文件
location ~ \.(gif|jpg|jpeg|png|bmp|swf|js|css|wmv|ogg|woff2|woff|ttf|html|eot|mp4|ico|otf)$ {
    expires 30d;break;
}
 
# 过滤url 只能包含 0-9a-zA-Z./-_  但不能有..
location ~ \.\. {return 401;
}
location ~ [^0-9a-zA-Z\./-_] {return 402;
}
 
#这里是直接转发php的所以不会代理到别处
#nginx realip_module 模块需要在编译nginx的时候加上参数--with-http_realip_module 这里只是为了 remote_addr 是上层的 remote_addr
#laravel 有 TrustProxies 所以这里都注释掉
#可以 nginx -V 查看 大写V
# 如果被 server 127.0.0.1:8306; 代理
#set_real_ip_from   127.0.0.1;
# 如果被 server 192.168.83.180:8306; 代理
#set_real_ip_from   192.168.83.180;
#real_ip_header    X-Forwarded-For;
#real_ip_recursive on;
 
# 交给 php处理
location / {
    #进入项目
    index   index.php;
    # php脚本
    fastcgi_index  index.php;set $real_uri index.php;
 
    #include        conf/fastcgi_params;
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;
 
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REQUEST_SCHEME     $scheme;
fastcgi_param  HTTPS              $https if_not_empty;
 
fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
 
fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;
 
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;
 
 
    set $fastcgi_script_name_real /$real_uri;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name_real;
    fastcgi_param  SCRIPT_NAME        /$real_uri;
    fastcgi_param  DOCUMENT_URI       /$real_uri;
    fastcgi_connect_timeout 75;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 100;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 8 64k;
    fastcgi_pass   127.0.0.1:9004;break;
}
# 文件位置 ./conf/demo.ys.conf
#nginx 做代理的一层
 
#定义集群
upstream demo{
    server 127.0.0.1:8306;
    server 127.0.0.1:8307;
}
server {
    listen          8305;
    server_name     _;
    client_max_body_size 100M;
    client_body_timeout 1m;
    error_log  logs/error.8305.log  info;
 
    location / {
        proxy_pass http://demo;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Real-PORT $remote_port;
        #我是最外层 所以我的 X-Forwarded-For 配置为真实客户端ip 内层的代理 可以配置为 proxy_add_x_forwarded_for 把自己的ip add进去
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-NginX-Proxy true;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Prefix /;
        #laravel的TrustProxies配置后需要X-Forwarded-For|X-Forwarded-Proto|X-Forwarded-Prefix
    }
 
    location /test/ {
        proxy_pass http://demo/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Real-PORT $remote_port;
        #我是最外层 所以我的 X-Forwarded-For 配置为真实客户端ip 内层的代理 可以配置为 proxy_add_x_forwarded_for 把自己的ip add进去
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-NginX-Proxy true;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Prefix /test/;
        #laravel的TrustProxies配置后需要X-Forwarded-For|X-Forwarded-Proto|X-Forwarded-Prefix
    }
}
 
#web-01 web项目
server {
    listen          8306;
    server_name     _;
    client_max_body_size 100M;
    client_body_timeout 1m;
    error_page  404              /404.html;
    error_page   500 502 503 504  /50x.html;
    root   "E:\YS\wamp\www\GIT\demo\public";
    error_log  logs/error.8306.log  info;
    location = /50x.html {
        root   html;}
    include conf/filter.laravel.ys;
}
#web-02 web项目
server {
    listen          8307;
    server_name     _;
    client_max_body_size 100M;
    client_body_timeout 1m;
    error_page  404              /404.html;
    error_page   500 502 503 504  /50x.html;
    root   "E:\YS\wamp\www\GIT\demo\public";
    error_log  logs/error.8307.log  info;
    location = /50x.html {
        root   html;}
    include conf/filter.laravel.ys;
}
// laravel 项目配置文件
// App\Http\Middleware\TrustProxies.php
<?php
 
namespace App\Http\Middleware;
 
use Fideloper\Proxy\TrustProxies as Middleware;
use Illuminate\Http\Request;
 
class TrustProxies extends Middleware
{
    /**
     * The trusted proxies for this application.
     *
     * @var array|string|null
     */
    protected $proxies = [// 这里配置 ???'127.0.0.1',];
 
    /**
     * The headers that should be used to detect proxies.
     *
     * @var int
     */
    protected $headers = Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_HOST | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO | Request::HEADER_X_FORWARDED_AWS_ELB | Request::HEADER_X_FORWARDED_PREFIX;
}

	ssl on;
	ssl_certificate /usr/local/nginx/ssl.crt;
	ssl_certificate_key /usr/local/nginx/ssl.key;
	ssl_session_timeout 5m;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
	ssl_prefer_server_ciphers on;

	# 文件位置 ./conf/filter_thinkphp
	#防注入
	set $str &$query_string;
	#thinkphp的模块名,控制器名,方法名不能包含特殊字符,且不能超过30个字符
	if ($str ~* "&(g\|m\|a)=[^&]{0,}[^a-zA-Z0-9_&]") {
	return 403;
	}
	if ($str ~* "&(g\|m\|a)=[^&]{30,}") {
	return 403;
	}
	#请求的地址中不能有..
	if ($str ~* "\.\.") {
	return 403;
	}
	#请求的地址中不能有 ./. 或 .\.
	if ($str ~* "(\./\.\|\.\\\.)") {
	return 403;
	}
	#漏洞屏蔽(thinkcmf中有) https://xz.aliyun.com/t/6626?spm=a2c4g.11174386.n2.4.9cc31051EvLkaF
	#请求的地址中不能有 templateFile 参数
	if ($str ~* "&templateFile=") {
	return 403;
	}
	# 主配置文件 ./conf/nginx.conf 格式如下
	http {
	server {
	listen 80;

	include conf/filter_thinkphp;

	location ~ \.php$ {
	root "E:/wamp/www";
	#有些人很聪明,访问 http://***/tupian.jpg/index.php 这种路径, php-fpm从5.3.9开始，php官方加入了一个配置"security.limit_extensions"，默认状态下只允许执行扩展名为".php"的文件
	#但windows服务器都是用php-cgi 这就有问题了
	#php找文件从路径开头逐个/查找,结果找到.jpg文件存在，作为php脚本执行,但是url请求的脚本文件是index.php所以这里判断下文件是否存在,不存在拒绝
	if (!-e $request_filename) {return 403;}
	#部分文件格式不允许下载
	if ($request_filename ~* "\.(zip\|gz\|rar\|sql\|gitignore\|git\|htaccess)$") {return 403;}
	#有些人很聪明,插件里面放自己的脚本文件 http://***/public/abc.php , 因为自己用的框架只有1个入口文件,和自己加的admin.php入口文件,所以过滤其他的脚本文件
	if ($fastcgi_script_name !~* "^/(index\.php\|admin\.php)$") {return 403;}
	#当然可以用下面的正则做过滤 2选1 即可
	# if ($fastcgi_script_name !~* "^/[a-zA-Z0-9_-]+\.php$") {
	# return 403;
	# }
	fastcgi_pass 127.0.0.1:9000;
	fastcgi_index index.php;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	include conf/fastcgi_params;
	fastcgi_connect_timeout 75;
	fastcgi_send_timeout 300;
	fastcgi_read_timeout 600;
	fastcgi_buffer_size 64k;
	fastcgi_buffers 8 64k;}

	location / {
	root "E:/wamp/www";
	index index.php;

	if (!-e $request_filename) {
	rewrite ^/(.*)$ /index.php?$1 last;}
	location ~ \.(gif\|jpg\|jpeg\|png\|bmp\|swf)$ {
	expires 30d;}
	location ~ \.(js\|css)$ {
	expires 10d;}}}
	}

	http {
	server {
	listen 8290;
	ssl_certificate conf/ssl/ssl.crt;
	ssl_certificate_key conf/ssl/ssl.key;
	ssl_session_timeout 5m;
	ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_prefer_server_ciphers on;

	server_name _;
	client_max_body_size 100M;
	client_body_timeout 1m;
	error_page 404 /404.html;
	error_page 500 502 503 504 /50x.html;

	root "E:/YS/wamp/www/GIT";
	index index.html index.htm index.php;

	error_log logs/error.8290.log info;

	location = /50x.html {
	root html;}

	# 8290 统一解析php文件
	include conf/denied.files.ys;
	include conf/filter.thinkphp.ys;

	location ~ \.php$ {if ($fastcgi_script_name !~* "^/[\/a-zA-Z0-9_-]+\.php$") {return 403;}
	fastcgi_pass 127.0.0.1:9003;
	fastcgi_index index.php;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	include conf/fastcgi_params;
	fastcgi_connect_timeout 75;
	fastcgi_send_timeout 300;
	fastcgi_read_timeout 600;
	fastcgi_buffer_size 64k;
	fastcgi_buffers 8 64k;}

	# king 8290
	location /king/ {
	#进入项目
	#赋值自定义的uri
	if (!-e $request_filename) {
	rewrite ^/king/index.php(.*)$ /king/index.php?s=$1 last;
	rewrite ^/king/(.*)$ /king/index.php?s=$1 last;}}}
	}

	# 文件位置 ./conf/filter.laravel.ys
	# 下面内容在 server{} 中

	# 资源文件
	location ~ \.(gif\|jpg\|jpeg\|png\|bmp\|swf\|js\|css\|wmv\|ogg\|woff2\|woff\|ttf\|html\|eot\|mp4\|ico\|otf)$ {
	expires 30d;break;
	}

	# 过滤url 只能包含 0-9a-zA-Z./-_ 但不能有..
	location ~ \.\. {return 401;
	}
	location ~ [^0-9a-zA-Z\./-_] {return 402;
	}

	#这里是直接转发php的所以不会代理到别处
	#nginx realip_module 模块需要在编译nginx的时候加上参数--with-http_realip_module 这里只是为了 remote_addr 是上层的 remote_addr
	#laravel 有 TrustProxies 所以这里都注释掉
	#可以 nginx -V 查看大写V
	# 如果被 server 127.0.0.1:8306; 代理
	#set_real_ip_from 127.0.0.1;
	# 如果被 server 192.168.83.180:8306; 代理
	#set_real_ip_from 192.168.83.180;
	#real_ip_header X-Forwarded-For;
	#real_ip_recursive on;

	# 交给 php处理
	location / {
	#进入项目
	index index.php;
	# php脚本
	fastcgi_index index.php;set $real_uri index.php;

	#include conf/fastcgi_params;
	fastcgi_param QUERY_STRING $query_string;
	fastcgi_param REQUEST_METHOD $request_method;
	fastcgi_param CONTENT_TYPE $content_type;
	fastcgi_param CONTENT_LENGTH $content_length;

	fastcgi_param SCRIPT_NAME $fastcgi_script_name;
	fastcgi_param REQUEST_URI $request_uri;
	fastcgi_param DOCUMENT_URI $document_uri;
	fastcgi_param DOCUMENT_ROOT $document_root;
	fastcgi_param SERVER_PROTOCOL $server_protocol;
	fastcgi_param REQUEST_SCHEME $scheme;
	fastcgi_param HTTPS $https if_not_empty;

	fastcgi_param GATEWAY_INTERFACE CGI/1.1;
	fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;

	fastcgi_param REMOTE_ADDR $remote_addr;
	fastcgi_param REMOTE_PORT $remote_port;
	fastcgi_param SERVER_ADDR $server_addr;
	fastcgi_param SERVER_PORT $server_port;
	fastcgi_param SERVER_NAME $server_name;

	# PHP only, required if PHP was built with --enable-force-cgi-redirect
	fastcgi_param REDIRECT_STATUS 200;


	set $fastcgi_script_name_real /$real_uri;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name_real;
	fastcgi_param SCRIPT_NAME /$real_uri;
	fastcgi_param DOCUMENT_URI /$real_uri;
	fastcgi_connect_timeout 75;
	fastcgi_send_timeout 300;
	fastcgi_read_timeout 100;
	fastcgi_buffer_size 64k;
	fastcgi_buffers 8 64k;
	fastcgi_pass 127.0.0.1:9004;break;
	}
	# 文件位置 ./conf/demo.ys.conf
	#nginx 做代理的一层

	#定义集群
	upstream demo{
	server 127.0.0.1:8306;
	server 127.0.0.1:8307;
	}
	server {
	listen 8305;
	server_name _;
	client_max_body_size 100M;
	client_body_timeout 1m;
	error_log logs/error.8305.log info;

	location / {
	proxy_pass http://demo;
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Real-PORT $remote_port;
	#我是最外层所以我的 X-Forwarded-For 配置为真实客户端ip 内层的代理可以配置为 proxy_add_x_forwarded_for 把自己的ip add进去
	proxy_set_header X-Forwarded-For $remote_addr;
	proxy_set_header X-NginX-Proxy true;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_set_header X-Forwarded-Prefix /;
	#laravel的TrustProxies配置后需要X-Forwarded-For\|X-Forwarded-Proto\|X-Forwarded-Prefix
	}

	location /test/ {
	proxy_pass http://demo/;
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Real-PORT $remote_port;
	#我是最外层所以我的 X-Forwarded-For 配置为真实客户端ip 内层的代理可以配置为 proxy_add_x_forwarded_for 把自己的ip add进去
	proxy_set_header X-Forwarded-For $remote_addr;
	proxy_set_header X-NginX-Proxy true;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_set_header X-Forwarded-Prefix /test/;
	#laravel的TrustProxies配置后需要X-Forwarded-For\|X-Forwarded-Proto\|X-Forwarded-Prefix
	}
	}

	#web-01 web项目
	server {
	listen 8306;
	server_name _;
	client_max_body_size 100M;
	client_body_timeout 1m;
	error_page 404 /404.html;
	error_page 500 502 503 504 /50x.html;
	root "E:\YS\wamp\www\GIT\demo\public";
	error_log logs/error.8306.log info;
	location = /50x.html {
	root html;}
	include conf/filter.laravel.ys;
	}
	#web-02 web项目
	server {
	listen 8307;
	server_name _;
	client_max_body_size 100M;
	client_body_timeout 1m;
	error_page 404 /404.html;
	error_page 500 502 503 504 /50x.html;
	root "E:\YS\wamp\www\GIT\demo\public";
	error_log logs/error.8307.log info;
	location = /50x.html {
	root html;}
	include conf/filter.laravel.ys;
	}
	// laravel 项目配置文件
	// App\Http\Middleware\TrustProxies.php
	<?php

	namespace App\Http\Middleware;

	use Fideloper\Proxy\TrustProxies as Middleware;
	use Illuminate\Http\Request;

	class TrustProxies extends Middleware
	{
	/**
	* The trusted proxies for this application.
	*
	* @var array\|string\|null
	*/
	protected $proxies = [// 这里配置 ???'127.0.0.1',];

	/**
	* The headers that should be used to detect proxies.
	*
	* @var int
	*/
	protected $headers = Request::HEADER_X_FORWARDED_FOR \| Request::HEADER_X_FORWARDED_HOST \| Request::HEADER_X_FORWARDED_PORT \| Request::HEADER_X_FORWARDED_PROTO \| Request::HEADER_X_FORWARDED_AWS_ELB \| Request::HEADER_X_FORWARDED_PREFIX;
	}