@hhjmk 你的博客写旁路接入,具体怎么搞?
下载雷池的安装脚本,打开,找到compose的链接把他下载下来,然后把有关tengine的东西全删掉,再去1p里找到openresty,装的时候带上t1k的编译参数,最后在nginx主配置文件里加上t1k的配置就行了
能够说清楚点或者描述一下方向吗
被宝塔开心版惯坏了(
根据这里手写 .env
docker compose up -d
- /data/safeline/resources/detector:/resources/detector
entrypoint:
- /bin/sh
- -c
- |
luarocks install lua-resty-t1k --server https://luarocks.cn
ln -s /usr/local/openresty/luajit/share/lua/5.1/resty/* /usr/local/openresty/lualib/resty/
/usr/local/openresty/bin/openresty -g "daemon off;"
创建一个/你的1p安装目录/1panel/apps/openresty/openresty/www/common/t1k.conf
,加进去:
access_by_lua_block {
local t1k = require "resty.t1k"
local t = {
mode = "block",
host = "unix:/resources/detector/snserver.sock",
port = 8000,
connect_timeout = 1000,
send_timeout = 1000,
read_timeout = 1000,
req_body_size = 1024,
keepalive_size = 256,
keepalive_timeout = 60000,
remote_addr = "http_x_forwarded_for: 1",
}
local ok, err, _ = t1k.do_access(t, true)
if not ok then
ngx.log(ngx.ERR, err)
end
}
header_filter_by_lua_block {
local t1k = require "resty.t1k"
t1k.do_header_filter()
}
如需对静态站点也套上WAF,可以新建t1k_static_stie_location_root.conf
,添加如下内容:
location ~ / {
index index.html index.htm index.php default.php default.htm default.html;
include /www/common/t1k.conf;
}
把他include进你喜欢的地方
1 个赞
1 个赞
既然你看完了我的回复,那买个雷池专业版帮我冲冲业绩吧
限时299一个月,现在购买享以后同价续费
不确定买不买可以找我试用一下专业版,试用直接激活到你的设备上
前提:安装成功(