Shulou(Shulou.com)05/31 Report--

This article mainly introduces Frp to do intranet penetration to visit the home Web website, the article is very detailed, has a certain reference value, interested friends must read it!

Frp do intranet penetration visit home Web website frp do intranet penetration visit home Web website

Server-side configuration

Refer to the previous article and add a "vhost_http_port" parameter to the previous article to receive HTTP requests. Firewall or pagoda panel on the server side, release the port used by frp. It needs to be noted that on the server side of the demonstration here, I used nginx to listen on port 80 and forward the access from the domain name to port 8080 used by frps. Of course, you can also directly let frps use port 80.

[common] bind_addr=0.0.0.0 bind_port = 7000 vhost_http_port = 8080 token=12310086 dashboard_port = 7500 dashboard_user = admin dashboard_pwd = admin123

Perform modified files with frps

. / frps-c frps.ini

Settings of machines that provide Web services in the intranet

The intranet provides the following settings for the machine on the web side

[common] server_addr = server IP server_port = 7000 token=12310086 [http] # connection name is set at will, type = http local_ip = 127.0.0.1 local_port = 80 use_encryption = false use_compression = true custom_domains = frp.xxxx.cn # your domain name

Description

"use_encryption" whether to enable encryption, I choose not to enable here, can be enabled according to the situation.

"use_compression" whether to compress data, compressed transmission speed will be faster, self-test how much faster.

"custom_domains" is a bound access domain name and must be set. If not, frpc cannot be started.

. / frpc-c frpc.ini

When the frpc is connected to the frps, there will be feedback on the FPS side and a new connection can be seen in the panel.

Then the bound domain name is resolved to the server-side ip, and the domain name can be used to access the private network machine. Frps will have a connection prompt when you visit.

If frpc does not start, the following error will be reported.

access control

If you want to add a layer of access control, add "http_user" and "http_pwd" parameters to the http service configuration for frpc.ini:

Http_user = admin http_pwd = admin [common] server_addr = server IP server_port = 7000 token=12310086 [http] # connection name is set at will, type = http local_ip = 127.0.0.1 local_port = 80 use_encryption = false use_compression = true http_user = admin http_pwd = admin custom_domains = frp.xxxx.cn # your domain name

Execution process

Port 80 on the intranet side runs the website.

The frpc on the intranet side reads the configuration and forwards port 80 of the intranet machine to port 8080 on the server side.

Port 80 is monitored with nginx on the server side, and the access request from the domain name is forwarded to port 8080 monitored by frps.

The port 8080 of the server forwards the request to port 80 of the intranet.

In this way, the horizontal jump is repeated, and the web service of the internal network is accessed through the external network.

Matters needing attention

Although the server-side frps is listening on port 8080, direct access to the public network IP:8080 is invalid.

If you need to bind multiple domain names to the same private network service, add other domain names to "custom_domains" in English.

The https certificate can be configured on the nginx on the server side or on the intranet side using the frp plug-in

His other

If only one domain name is needed for the whole process of the frp anti-substitution website, and different services correspond to different secondary domain names, frps adds a "subdomain_host" parameter, parameter values fill in domain names without prefixes, frpc adds a "subdomain" parameter, and parameter values only enter domain name prefixes. For example, if we want to access frp.example.com and tomcat.example.com, both domain names are resolved to the public network server

Frps.ini

[common] bind_addr=0.0.0.0 bind_port = 7000 vhost_http_port = 8080 token=12310086 dashboard_port = 7500 dashboard_user = admin dashboard_pwd = admin123 subdomain_host= example.com

Frpc.ini

[common] server_addr = 103.255.61.100 server_port = 7000 token=12310086 [http] type = http local_ip = 127.0.0.1 local_port = 80 use_encryption = false use_compression = true subdomain = frp [tomecat] type = http local_ip = 127.0.0.1 local_port = 8080 use_encryption = false use_compression = true subdomain = tomcat above are all the contents of the article "Frp do intranet penetration to visit the Web website at home". Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.