frp为多个本地 HTTP 服务启用 HTTPS

2026-04-05 阅读量:7 默认分类 0

使用 https2http 插件将本地 HTTP 服务转换为 HTTPS 服务,以供外部访问。
frp服务端配置

bindPort = 7000
vhostHTTPPort = 800
vhostHTTPSPort = 4430
webServer.addr = "0.0.0.0"
webServer.port = 7500
webServer.user = "zhanghao"
webServer.password = "mima"

auth.method="token"
auth.token = "mima"

frp客户端配置

serverAddr = "your_ip"
#连接到云服务器端口,需要和frps.toml配置文件中端口一致
serverPort = 7000

auth.method = "token"
auth.token = "mima"


#web
[[proxies]]
name = "web"
type = "http"
localPort = 80
customDomains = ["your_domain"]
#web443
[[proxies]]
name = "web443"
type = "https"
customDomains = ["your_domain"]

[proxies.plugin]
type = "https2http"
localAddr = "127.0.0.1:80"
# 网站2 - 新增站点(通过nginx)
[[proxies]]
name = "web2"
type = "http"                    
localPort = 10087                
customDomains = ["xx.xx.cn"]    
#web443
[[proxies]]
name = "web443"
type = "https"
customDomains = ["xx.xx.cn"]

[proxies.plugin]
type = "https2http"
localAddr = "127.0.0.1:10087"

nginx配置

#web
    location / {
      proxy_set_header   X-Real-IP        $remote_addr;
      proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
      proxy_set_header   Host             $http_host;
      proxy_set_header   Upgrade          $http_upgrade;
      proxy_set_header   X-NginX-Proxy    true;
      proxy_set_header   Connection "upgrade";
      proxy_http_version 1.1;
      proxy_pass         http://localhost:800;
    }
# 网站2
    location / {
      proxy_set_header   X-Real-IP        $remote_addr;
      proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
      proxy_set_header   Host             $http_host;
      proxy_set_header   Upgrade          $http_upgrade;
      proxy_set_header   X-NginX-Proxy    true;
      proxy_set_header   Connection "upgrade";
      proxy_http_version 1.1;
      proxy_pass         http://localhost:800;
    }

当然,如果追求方便,可以直接用cloudflare
frp服务端无需安装Nginx、无需配置SSL证书、无需设置反向代理、无需创建网站目录

服务端配置

bindPort = 7000
vhostHTTPPort = 800
vhostHTTPSPort = 4430  #单独网站用cloudflare可以不写
webServer.addr = "0.0.0.0"
webServer.port = 7500
webServer.user = "zhanghao"
webServer.password = "mima"

auth.method="token"
auth.token = "mima"

客户端配置

serverAddr = "your_ip"
serverPort = 7000
auth.method = "token"
auth.token = "mima"

# ============== Cloudflare方案(新站点)==============
# 网站3 - 新增站点(通过Cloudflare)
[[proxies]]
name = "web3"
type = "http"                    # 只处理HTTP
localPort = 10089                 # 客户端服务器的Nginx监听10089
customDomains = ["a.xx.com"]  # 新域名

然后在cloudflare中设置
DNS:A记录指向国外服务器IP,开启代理(橙色云)
SSL/TLS:模式设为Flexible
Origin Rules:将域名回源端口设为800
关键是Origin Rules设置:
1.选择自定义筛选表达式
2.当传入请求匹配时...字段选择主机名,运算符选择等于,值输入your_domain(比如a.xx.com
3.目标端口重写到800
保存,直接访问your_domain(比如a.xx.com),这时直接就是https请求了。
小结:
Origin Rules 是 Cloudflare 的一个核心功能,它允许你在流量进入你的源站服务器之前,动态地修改回源请求的关键参数(如目标端口、主机头等),这对于将非标准端口的后端服务(如监听 800 的 FRP 服务)接入 Cloudflare 的 HTTPS 代理网络至关重要。

评论区: