github-starred/frp
2
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2026-05-15 16:15:49 -06:00
Code Issues 40 Projects Packages Wiki Activity Actions 1

[GH-ISSUE #2254] proxy_protocol + nginx = broken header? #1792

New issue
Closed
opened 2026-05-05 13:09:32 -06:00 by gitea-mirror · 3 comments
gitea-mirror commented 2026-05-05 13:09:32 -06:00
Owner
Copy link

Originally created by @RockyLOMO on GitHub (Feb 22, 2021).
Original GitHub issue: https://github.com/fatedier/frp/issues/2254

[REQUIRED] hat version of frp are you using

Version: 0.35.1

[REQUIRED] What operating system and processor architecture are you using
OS: windows 10
CPU architecture: amd64

[REQUIRED] description of errors
client -> frps -> [frpc -> nginx(windows v1.18.0)] -> web server

proxy_protocol_version = v2
nginx error

*182 broken header: "  ü³򎫥ZW뇝ş½h՘!¾I«r1³D¿) +šXu÷+U¹>§!°Bzg°)$ú ~¾‹|‡Ž›• "

À+À/À,À0̨̩ÀÀ œ  /" while reading PROXY protocol, client: 127.0.0.1, server: 0.0.0.0:443

confile

frpc

[web-1]
type = http
local_ip = 127.0.0.1
local_port = 80
custom_domains = xx.cn
[web-2]
type = https
local_ip = 127.0.0.1
local_port = 443
custom_domains = xx.cn
proxy_protocol_version = v2

nginx

server {
    listen 443 ssl http2 proxy_protocol;
    set_real_ip_from 127.0.0.1;
    real_ip_header proxy_protocol;
    real_ip_recursive on;
    server_name xx.cn;
	
    ssl_certificate .xx.pem;
    ssl_certificate_key xx.key;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_verify_client off;

proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
proxy_set_header X-Forwarded-Host $the_host;
proxy_set_header X-Forwarded-Proto $the_scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;

    add_header Strict-Transport-Security max-age=31536000;
    add_header X-Content-Type-Options nosniff;

    location / {
        proxy_pass http://xx;
    }
}

log file

Steps to reproduce the issue
1.
2.
3.

Supplementary information

Can you guess what caused this issue

Checklist:

  • [] I included all information required in the sections above
  • [] I made sure there are no duplicates of this report (Use Search)
Originally created by @RockyLOMO on GitHub (Feb 22, 2021). Original GitHub issue: https://github.com/fatedier/frp/issues/2254 <!-- From Chinese to English by machine translation, welcome to revise and polish. --> <!-- ⚠️⚠️ Incomplete reports will be marked as invalid, and closed, with few exceptions ⚠️⚠️ --> <!-- in addition, please use search well so that the same solution can be found in the feedback, we will close it directly --> <!-- for convenience of differentiation, use FRPS or FRPC to refer to the FRP server or client --> **[REQUIRED] hat version of frp are you using** <!-- Use ./frpc -v or ./frps -v --> Version: 0.35.1 **[REQUIRED] What operating system and processor architecture are you using** OS: windows 10 CPU architecture: amd64 **[REQUIRED] description of errors** client -> frps -> [frpc -> nginx(windows v1.18.0)] -> web server proxy_protocol_version = v2 nginx error ``` *182 broken header: "  ü³򎫥ZW뇝ş½h՘!¾I«r1³D¿) +šXu÷+U¹>§!°Bzg°)$ú ~¾‹|‡Ž›• " À+À/À,À0̨̩ÀÀ œ  /" while reading PROXY protocol, client: 127.0.0.1, server: 0.0.0.0:443 ``` **confile** <!-- Please pay attention to hiding the token, server_addr and other privacy information --> frpc ``` [web-1] type = http local_ip = 127.0.0.1 local_port = 80 custom_domains = xx.cn [web-2] type = https local_ip = 127.0.0.1 local_port = 443 custom_domains = xx.cn proxy_protocol_version = v2 ``` nginx ``` server { listen 443 ssl http2 proxy_protocol; set_real_ip_from 127.0.0.1; real_ip_header proxy_protocol; real_ip_recursive on; server_name xx.cn; ssl_certificate .xx.pem; ssl_certificate_key xx.key; ssl_session_cache builtin:1000 shared:SSL:10m; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_prefer_server_ciphers on; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_verify_client off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $proxy_connection; proxy_set_header X-Forwarded-Host $the_host; proxy_set_header X-Forwarded-Proto $the_scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; add_header Strict-Transport-Security max-age=31536000; add_header X-Content-Type-Options nosniff; location / { proxy_pass http://xx; } } ``` **log file** <!-- If the file is too large, use Pastebin, for example https://pastebin.ubuntu.com/ --> **Steps to reproduce the issue** 1. 2. 3. **Supplementary information** **Can you guess what caused this issue** **Checklist**: <!--- Make sure you've completed the following steps (put an "X" between of brackets): --> - [] I included all information required in the sections above - [] I made sure there are no duplicates of this report [(Use Search)](https://github.com/fatedier/frp/issues?q=is%3Aissue)
gitea-mirror commented 2026-05-05 13:09:35 -06:00
Author
Owner
Copy link

@RockyLOMO commented on GitHub (Feb 22, 2021):

个人配置问题, 有效!

<!-- gh-comment-id:783247438 --> @RockyLOMO commented on GitHub (Feb 22, 2021): 个人配置问题, 有效!
gitea-mirror commented 2026-05-05 13:09:35 -06:00
Author
Owner
Copy link

@smallfish01 commented on GitHub (Mar 18, 2022):

您好,我也碰到了同样的问题,请问您是如何解决的?

谢谢!

<!-- gh-comment-id:1072070573 --> @smallfish01 commented on GitHub (Mar 18, 2022): 您好,我也碰到了同样的问题,请问您是如何解决的? 谢谢!
gitea-mirror commented 2026-05-05 13:09:36 -06:00
Author
Owner
Copy link

@peaceanddemocracy commented on GitHub (May 30, 2022):

我这边启用了proxy_protocol之后直接显示404报错,不知道要怎么搞

<!-- gh-comment-id:1141105334 --> @peaceanddemocracy commented on GitHub (May 30, 2022): 我这边启用了proxy_protocol之后直接显示404报错,不知道要怎么搞
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
new
master
copilot/review-pull-request-5198
v0.68.1
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.1
v0.62.0
v0.61.2
v0.61.1
v0.61.0
v0.60.0
v0.59.0
v0.58.1
v0.58.0
v0.57.0
v0.56.0
v0.55.1
v0.55.0
v0.54.0
v0.53.2
v0.53.1
v0.53.0
v0.52.3
v0.52.2
v0.52.1
v0.52.0
v0.51.3
v0.51.2
v0.51.1
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.1
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.1
v0.39.0
v0.38.0
v0.37.1
v0.37.0
v0.36.2
v0.36.1
v0.36.0
v0.35.1
v0.35.0
v0.34.3
v0.34.2
v0.34.1
v0.34.0
v0.33.0
v0.32.1
v0.32.0
v0.31.2
v0.31.1
v0.31.0
v0.30.0
v0.29.1
v0.29.0
v0.28.2
v0.28.1
v0.28.0
v0.27.1
v0.27.0
v0.26.0
v0.25.3
v0.25.2
v0.25.1
v0.25.0
v0.24.1
v0.24.0
v0.23.3
v0.23.2
v0.23.1
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.1
v0.19.0
v0.18.0
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
In Progress

   
WIP

   
WaitingForInfo

   
bug

   
doc

   
duplicate

   
easy

   
enhancement

   
future

   
help wanted

   
invalid

   
lifecycle/stale

   
need-issue-template

   
need-usage-help

   
no plan

   
proposal

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
todo
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#1792
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?