# frp穿透和ssl續期
## frp配置http和https,支持在通過域名訪問本地服務,是開發小程序,app,公眾號必備,能節省上傳到服務器時間
- 準備工作
阿里云服務器一臺,環境是centos或debian,已安裝php環境,比如寶塔
nginx端口默認用了80,https默認是443
已備案頂級域名一個,已解析二級域名如: api.shanliwawa.top
假如服務器公網IP 9.9.9.9
本地客戶端win10系統,運行php環境,端口80,服務器Apache+php,注意nginx會出錯解析不了.
- 下載frp
官方 <https://github.com/fatedier/frp/releases> ,下載很慢,可以用wget命令從阿里云下載然后傳回本地,速度超快,我下載的百度云鏈接:<https://pan.baidu.com/s/1y93ICGadhURKkT0Mz4vX3A>
提取碼:a1dv
服務器端選擇 64位linux frp\_0.33.0\_linux\_amd64.tar.gz
客戶端選windows64位 frp\_0.33.0\_windows\_amd64.zip
- 服務器
服務器端只需要兩個文件frps和frps.ini
解壓到根目錄下 frp文件夾 通過cd進入frp,進入目錄執行,注意權限改為777
進入目錄 `cd /frp`
啟動命令 `nohup ./frps -c ./frps.ini &`
**服務器端管理地址 <http://9.9.9.9:7500> 默認賬號密碼admin**
frps.ini 配置如下,4443是通信端口,客戶端也必須相同,8081是服務器端口,因為80被nginx占用了,我們要用服務器端nginx反向代理,代理配置如下
```
<pre class="calibre14">```
<span class="token2">[</span>common<span class="token2">]</span>
#通信端口
bind_port <span class="token">=</span> <span class="token3">4443</span>
#http
vhost_http_port <span class="token">=</span> <span class="token3">8081</span>
#https
vhost_https_port <span class="token">=</span> <span class="token3">8082</span>
#泛解析<span class="token2">,</span>可以解析 <span class="token">*</span><span class="token2">.</span>api<span class="token2">.</span>shanliwawa<span class="token2">.</span>top
subdomain_host <span class="token">=</span>api<span class="token2">.</span>shanliwawa<span class="token2">.</span>top
#服務器面板配置賬號密碼
dashboard_port <span class="token">=</span> <span class="token3">7500</span>
dashboard_user <span class="token">=</span> admin
dashboard_pwd <span class="token">=</span> admin
```
```
- nginx配置,反向代理配置,同一個服務器可以代理https和http只需要加兩個server即可
```
<pre class="calibre14">```
server
<span class="token2">{</span>
listen <span class="token3">80</span><span class="token2">;</span>
server_name <span class="token">*</span><span class="token2">.</span>api<span class="token2">.</span>shanliwawa<span class="token2">.</span>top<span class="token2">;</span>
location <span class="token">/</span> <span class="token2">{</span>
proxy_pass http<span class="token2">:</span><span class="token">/</span><span class="token">/</span><span class="token3">127.0</span><span class="token3">.0</span><span class="token3">.1</span><span class="token2">:</span><span class="token3">8081</span><span class="token2">;</span>
proxy_set_header Host $host<span class="token2">:</span><span class="token3">80</span><span class="token2">;</span>
proxy_set_header X<span class="token">-</span>Real<span class="token">-</span>IP $remote_addr<span class="token2">;</span>
proxy_set_header X<span class="token">-</span>Forwarded<span class="token">-</span>For $proxy_add_x_forwarded_for<span class="token2">;</span>
proxy_hide_header X<span class="token">-</span>Powered<span class="token">-</span>By<span class="token2">;</span>
<span class="token2">}</span>
<span class="token2">}</span>
server
<span class="token2">{</span>
listen <span class="token3">443</span> ssl http2<span class="token2">;</span>
server_name we7<span class="token2">.</span>api<span class="token2">.</span>shanliwawa<span class="token2">.</span>top<span class="token2">;</span>
<span class="token5">if</span> <span class="token2">(</span>$server_port <span class="token">!</span><span class="token">~</span> <span class="token3">443</span><span class="token2">)</span><span class="token2">{</span>
rewrite <span class="token">^</span><span class="token2">(</span><span class="token">/</span><span class="token2">.</span><span class="token">*</span><span class="token2">)</span>$ https<span class="token2">:</span><span class="token">/</span><span class="token">/</span>$host$<span class="token3">1</span> permanent<span class="token2">;</span>
<span class="token2">}</span>
ssl_certificate <span class="token">/</span>www<span class="token">/</span>server<span class="token">/</span>panel<span class="token">/</span>vhost<span class="token">/</span>cert<span class="token">/</span>api<span class="token2">.</span>shanliwawa<span class="token2">.</span>top<span class="token">/</span>fullchain<span class="token2">.</span>pem<span class="token2">;</span>
ssl_certificate_key <span class="token">/</span>www<span class="token">/</span>server<span class="token">/</span>panel<span class="token">/</span>vhost<span class="token">/</span>cert<span class="token">/</span>api<span class="token2">.</span>shanliwawa<span class="token2">.</span>top<span class="token">/</span>privkey<span class="token2">.</span>pem<span class="token2">;</span>
ssl_protocols TLSv1 TLSv1<span class="token2">.</span><span class="token3">1</span> TLSv1<span class="token2">.</span><span class="token3">2</span> TLSv1<span class="token2">.</span><span class="token3">3</span><span class="token2">;</span>
ssl_ciphers ECDHE<span class="token">-</span>RSA<span class="token">-</span>AES128<span class="token">-</span>GCM<span class="token">-</span>SHA256<span class="token2">:</span>HIGH<span class="token2">:</span><span class="token">!</span>aNULL<span class="token2">:</span><span class="token">!</span>MD5<span class="token2">:</span><span class="token">!</span>RC4<span class="token2">:</span><span class="token">!</span>DHE<span class="token2">;</span>
ssl_prefer_server_ciphers on<span class="token2">;</span>
ssl_session_cache shared<span class="token2">:</span>SSL<span class="token2">:</span><span class="token3">10</span>m<span class="token2">;</span>
ssl_session_timeout <span class="token3">10</span>m<span class="token2">;</span>
error_page <span class="token3">497</span> https<span class="token2">:</span><span class="token">/</span><span class="token">/</span>$host$request_uri<span class="token2">;</span>
location <span class="token">/</span> <span class="token2">{</span>
proxy_ssl_server_name on<span class="token2">;</span>
proxy_set_header X<span class="token">-</span>Real<span class="token">-</span>IP $remote_addr<span class="token2">;</span>
proxy_set_header X<span class="token">-</span>Forwarded<span class="token">-</span>For $proxy_add_x_forwarded_for<span class="token2">;</span>
proxy_set_header X<span class="token">-</span>Forwarded<span class="token">-</span>Proto $scheme<span class="token2">;</span>
proxy_set_header Host $host<span class="token2">;</span>
proxy_pass https<span class="token2">:</span><span class="token">/</span><span class="token">/</span>we7<span class="token2">.</span>api<span class="token2">.</span>shanliwawa<span class="token2">.</span>top<span class="token2">:</span><span class="token3">8082</span><span class="token2">;</span>
<span class="token2">}</span>
<span class="token2">}</span>
```
```
- 客戶端配置
解壓到D盤frp下,通過cd 進入到frp,只需要frpc和frpc.ini,配置如下,9.9.9.9是我的阿里云IP,4443和上邊對應,啟動命令:
frpc -c frpc.ini
軟件不能關閉,關閉就不能訪問了
**客戶端管理地址 <http://127.0.0.1:7400> 賬號密碼admin**
```
<pre class="calibre14">```
<span class="token2">[</span>common<span class="token2">]</span>
server_addr <span class="token">=</span> <span class="token3">9.9</span><span class="token3">.9</span><span class="token3">.9</span>
server_port <span class="token">=</span> <span class="token3">4443</span>
#adminUI
admin_addr <span class="token">=</span> <span class="token3">127.0</span><span class="token3">.0</span><span class="token3">.1</span>
admin_port <span class="token">=</span> <span class="token3">7400</span>
admin_user <span class="token">=</span> admin
admin_pwd <span class="token">=</span> admin
<span class="token2">[</span>web1<span class="token2">]</span>
type <span class="token">=</span> http
local_ip <span class="token">=</span> <span class="token3">127.0</span><span class="token3">.0</span><span class="token3">.1</span>
local_port <span class="token">=</span> <span class="token3">80</span>
subdomain <span class="token">=</span> home
<span class="token2">[</span>web2<span class="token2">]</span>
type <span class="token">=</span> https
local_ip <span class="token">=</span> <span class="token3">127.0</span><span class="token3">.0</span><span class="token3">.1</span>
local_port <span class="token">=</span> <span class="token3">443</span>
subdomain <span class="token">=</span>we7
```
```
- 啟動vbs腳本
```
<pre class="calibre14">```
dim objShell
set objShell<span class="token">=</span>wscript<span class="token2">.</span><span class="token1">createObject</span><span class="token2">(</span><span class="token4">"WScript.Shell"</span><span class="token2">)</span>
msgbox <span class="token4">"啟動frpc.exe進程成功"</span>
iReturnCode<span class="token">=</span>objShell<span class="token2">.</span><span class="token1">Run</span><span class="token2">(</span><span class="token4">"C:\app\frp\frpc.exe -c C:\app\frp\frpc.ini"</span><span class="token2">,</span><span class="token3">0</span><span class="token2">,</span>TRUE<span class="token2">)</span>
```
```
- 關閉vbs腳本
```
<pre class="calibre14">```
<span class="token1">CreateObject</span><span class="token2">(</span><span class="token4">"WScript.Shell"</span><span class="token2">)</span><span class="token2">.</span>Run <span class="token4">"taskkill /f /im frpc.exe"</span><span class="token2">,</span> <span class="token3">0</span>
msgbox <span class="token4">"關閉frpc.exe進程成功"</span>
```
```
## ssl配置
1. 登錄 <https://www.sslforfree.com>,點擊續期,中間一個,下載驗證文件,放到本地,然后通過http方式訪問;
2. 此時需要關閉本地服務器強制SSL,以及轉發服務器配置文件第一個;
3. 剪切掉,然后保存,驗證文件,然后下載得到三個文件;
4. 將ca\_bundle.crt復制到certificate.crt,得到兩個證書;然后放到本地apache服務器;
5. 最后還需要將兩個證書,部署到寶塔服務器ssl,主要是修改服務器配置文件,參考上邊配置;
- 簡介
- 第一章 數據庫
- Mysql/mariadb
- 函數
- 基礎
- 增刪改索引
- 標準查詢
- 高級查詢
- TIDB集群mysql解決方案
- Redis
- 語言基礎
- 5種數據類型
- 其他類型
- Sqlite
- 語言基礎
- 常用查詢
- 第二章 PHP
- 語言基礎
- 第一課 流程控制和運算
- 第二課 數組
- 第三課 日期時間
- 第四課 常用函數
- 第五課 字符串
- 第六課 文件操作
- 第七課 面向對象
- 第八課 正則表達式
- 第九課 圖片處理生成
- 第十課 curl/memche
- 第十一課 mysql和pdo
- 第十三課 cookie和session
- 第十四課 xml操作
- 第十五課 php5.3+新特性
- 第十六課 php7+
- 第十七課 密碼安全
- 廢棄函數
- php命令行
- redis應用
- 算法
- 排序算法
- 基礎算法
- 無限級分類
- 自定義函數Fn
- 查找算法
- 自定義函數數據函數fn
- laravel
- 路由
- 常用語句
- 數據庫
- dingo/api
- Yii2
- 控制器
- 常用類
- 數據庫
- redis
- thinkphp6
- TP6文檔
- TP6插件
- dedecms
- 織夢標簽大全
- 數據庫操作
- 內置函數和定義函數
- 織夢核心改動
- 織夢插件/底層標簽開發
- PHP相關工具
- composer
- php開發環境phpenv
- Phpstorm使用
- windows編譯php擴展
- PHP開源庫
- 開源項目管理禪道
- sns_auth
- php-casbin權限控制
- php-jwt
- 微信SDKeasywechat
- querylist采集庫
- workerman
- Box/Spout處理excel和csv
- dll擴展
- redis/memche/xdebug
- redis
- Lua
- php_xlswriter
- event
- swoole
- 常用代碼庫
- 微擎框架
- 第一課全局變量
- 第二課常用函數
- 第三課自定義微擎獨有函數
- 第四課數據庫操作
- 第五課微信端回復
- 第六課微擎高級操作
- 第八課global函數列表
- mainfest.xml詳解
- js方法
- 人人商城
- 第一課model解讀
- 第二課常用語句解讀
- 第三課常用js解讀
- 第四課附錄常見問題
- 第五課附錄處理報表|支付
- 常用JSON狀態碼
- 第三章 JavaScript
- js基礎
- 瀏覽器對象
- 語言基礎
- html5接口
- ES6新語法
- vue
- 基礎語法
- 京東vueUI組件
- uniapp
- 組件開發規范
- nodejs
- 基礎知識
- 安裝node
- nvm不同版本node切換
- js常用標準庫
- zepto/jquery
- weui
- js圖標庫
- elementUI
- validator表單驗證
- layer彈出層
- requirejs
- wow動畫
- 動畫animate
- swiper4
- 百度編輯器
- flyio/axios/qs
- jquery.form
- bootstrap3
- clipboard復制
- slideout側滑
- imagehover.css圖片懸停動畫
- webpack打包
- Bulma UI框架
- store 客戶端存儲
- lottie動畫創建庫
- sweetalert
- js自定義函數
- 常見JSSDK
- 微信公眾號JSSDK
- 騰訊地圖jssdk
- 微信小程序
- 第四章 編程語言
- markdown語言
- Dart語言
- Dart語言基礎
- Flutter框架
- Lua語言
- 字符串,數組,表
- 自定義方法
- go語言
- 第1.1語言基本語法
- 第1.2流程控制
- 第1.3函數
- 第1.4結構體
- 第1.5接口
- 第1.6包
- go語言框架Gin
- CSS3語言
- CSS與CSS3
- 選擇符
- 屬性
- css3
- loading動畫
- HTML5語言
- less
- sass
- C#
- 基礎知識
- 函數
- 第五章 開發工具
- git
- nginx/apache服務器
- Linux常用操作
- crontab定時任務
- 注冊表與cmd
- 阿里云ECS
- frp穿透和ssl續期
- 寶塔安裝
- 樹莓派
- 瀏覽器模擬
- 火狐/chrome常用插件
- WSL安裝使用
- mac brew和終端命令
- win10相關