nginx.conf

http {

    # 隐藏 nginx 版本
    server_tokens off;

    # 限制连接数
    limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;

    # 请求限速（防爆破）
    limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;

}

conf.d/www.conf

server {

    listen 443 ssl;
    server_name yourdomain.com;

    # SSL 示例
    ssl_certificate /etc/ssl/cert.pem;
    ssl_certificate_key /etc/ssl/key.pem;

    # 安全 header
    add_header X-Frame-Options SAMEORIGIN;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";

    location /jidejin439h2udenwdh29h489fcuedh2f39/ {
        rewrite ^/jidejin439h2udenwdh29h489fcuedh2f39/(.*)$ /$1 break;
        # 连接限制
        limit_conn conn_limit_per_ip 10;

        # 请求限制
        limit_req zone=req_limit_per_ip burst=10;

        limit_req_status 429;

        # Basic Auth
        auth_basic "Private Server";
        auth_basic_user_file /etc/nginx/.htpasswd;

        proxy_pass http://127.0.0.1:6000;

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    }