背景配置

frpc.toml

transport.protocol = "tcp"
transport.tls.enable = true
transport.tls.disableCustomTLSFirstByte = true


[[proxies]]
name = "http"
type = "tcp"
localIP = "127.0.0.1"
localPort = 8787
remotePort = 7501
transport.useEncryption = true
transport.useCompression = true

然后宝塔反向代理127.0.0.1:7501
部分路由可以访问 部分路由提示

Forbidden for ip(xxxx) and host(frp.xxx.com)

解决方法:

location ^~ / {  
proxy_pass http://127.0.0.1:7501;  
# 注释掉以下行,避免传递真实客户端 IP  
# proxy_set_header X-Real-IP $remote_addr;  
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;  
# 或者将 X-Real-IP 改为 127.0.0.1  
proxy_set_header X-Real-IP 127.0.0.1;  
proxy_set_header Host $http_host;  
proxy_set_header X-Real-Port $remote_port;  
proxy_set_header X-Forwarded-Proto $scheme;  
proxy_set_header X-Forwarded-Host $host;  
proxy_set_header X-Forwarded-Port $server_port;  
proxy_set_header REMOTE-HOST $remote_addr;  
proxy_connect_timeout60s;  
proxy_send_timeout600s;  
proxy_read_timeout600s;  
proxy_http_version1.1;  
proxy_set_header Upgrade $http_upgrade;  
proxy_set_header Connection $connection_upgrade;  
}
Last modification:February 2, 2026
© Allow specification reprint
如果觉得我的文章对你有用,请随意赞赏