In the previous article How To Install BT VPS Control Panel And Restore WordPress Website Into It, I had done the following things.
- Install BT(宝塔) VPS control panel in a Linux VPS.
- Install Nginx server in the above Linux VPS server.
- Create a website in the Nginx server.
- Register a domain point to the website.
- Enable SSL for the website.
- Install v2ray server in the Linux VPS.
- Use the V2RayX client to connect to the v2ray server use the v2ray server port number and IP address.
In this article, I will tell you how to configure Nginx to redirect WebSocket SSL requests to the v2ray server. Because SSL requests will use the 443 port number, then this can simulate SSL requests to a domain website, this is a normal domain SSL request with the normal port number. This kind of request does not have so many characters, so can avoid being blocked.
1. Configure Nginx To Redirect SSL Request To V2ray Server.
- Log in to BT(宝塔) VPS control panel.
- Click the 网站 menu in the left navigation panel.
- Then click the website domain name link in the right website list panel.
- Click 配置文件 menu in the popup 站点修改 window left side.
- Then copy the below code at the end of the right Nginx settings text area. Please remember the location parameter’s value /MicroCode ( you can set it as anything that you want), it is the client SSL request URL path. The proxy_pass parameter’s value is the v2ray access URL with port number ( use your v2ray port number to replace the below example port number ).
access_log /www/wwwlogs/health-is-easy.website.log; error_log /www/wwwlogs/health-is-easy.website.error.log; # Remember this location path, this path will be configured in v2ray client software. location /MicroCode { proxy_redirect off; # Below is the v2ray server access url. proxy_pass http://127.0.0.1:18239; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $http_host; }
2. Configure V2ray Server Add streamSettings Configuration Data In /etc/v2ray/config.json File.
If you are not familiar with v2ray server configuration, please read the article How To Install V2ray On Amazon EC2 And Google Cloud Ubuntu Linux first.
- Run command sudo vim /etc/v2ray/config.json in a terminal to edit v2ray server configuration file.
- Add streamSettings configuration in inbounds settings. Please see below configuration text. The “streamSettings” —> “network” value is “ws”, the “streamSettings” —> “wsSettings” —> “path” value ( /MicroCode ) is the path value that you configured in Nginx server configuration file. In vim, press esc, i key in keyboard to begin insert text, press esc, :wq! in keyboard to save and exit.
{ "inbounds": [{ "port": 18239, "protocol": "vmess", "settings": { "clients": [ { "id": "1a*****-******-*******-*****", "level": 1, "alterId": 64 } ] }, "streamSettings": { "network": "ws", "wsSettings": { "path": "/MicroCode" // This path should be same with NGINX settings. } } }], "outbounds": [{ "protocol": "freedom", "settings": {} },{ "protocol": "blackhole", "settings": {}, "tag": "blocked" }], "routing": { "rules": [ { "type": "field", "ip": ["geoip:private"], "outboundTag": "blocked" } ] } }
- Now restart v2ray with command sudo systemctl restart v2ray.
3. Change V2ray Client Tool V2ray Server Configuration.
- I use V2RayX as a v2ray client tool. Click V2RayX icon —> Configure… menu item, then it will pop up the V2RayX configuration dialog.
- Select one v2ray server in the left VMess Servers list, then input the website domain name in the Address text box. The port number is 443. Do not forget to open the 443 port number in your Linux VPS server firewall ( amazon AWS or google cloud ). Select ws in the Network drop-down list.
- Click the transport settings… button which locates before Network drop-down list in the above window. Then click the WebSocket tab in the popup dialog, input the Nginx configuration’s location value ( /MicroCode ) in the path text box. Input “Host”:”your-website-domain-name” in the “headers” text area.
- Click the TLS tab, check the Use TLS checkbox, input your website domain name in the TLS serverName text box. Click the OK button to save the settings.
- Now when you connect to the v2ray server, the v2ray client will send an SSL request to server 443 port, and the website server will redirect the request to the v2ray server.
4. How To Fix Can Not Access Internet Through V2ray Server.
- You can refer to the article How To Debug V2ray Access Error Using V2ray Log.