clean up nginx.conf

All-in-One-fallbacks-Nginx/nginx.conf

@@ -1,3 +1,4 @@
+# Restrict access to the website by IP or wrong domain name) and return 400
 server {
     listen unix:/dev/shm/h1.sock proxy_protocol default_server;
     listen unix:/dev/shm/h2c.sock http2 proxy_protocol default_server;
@@ -5,7 +6,7 @@ server {
     real_ip_header proxy_protocol;
     server_name _;
     return 400;
-} #Restrict domain name access (prohibit access to the website by IP) and return 400
+}
 
 # HTTP1 UDS listener
 server {
@@ -15,7 +16,7 @@ server {
     server_name example.com behindcdn.com; # Change to your own domain name(s)
 
     location / {
-        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; #启用HSTS
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; # enable HSTS
         root /var/www/html; # Modify to the path of the WEB file stored by yourself (check the permissions)
         index index.html index.htm;
     }
@@ -33,10 +34,18 @@ server {
     grpc_send_timeout 1h;
     grpc_set_header X-Real-IP $remote_addr;
 
+    # Decoy website
+    location / {
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; # enable HSTS
+        root /var/www/html; # Modify to the path of the WEB file stored by yourself (check the permissions)
+        index index.html index.htm;
+    }
+
     location /trgrpc { #corresponds to serviceName in trojan-grpc config of xray
+        # POST returns 404 when negotiation fails
         if ($request_method != "POST") {
             return 404;
-        } #POST returns 404 when negotiation fails
+        }
         client_body_buffer_size 1m;
         client_body_timeout 1h;
         client_max_body_size 0;
@@ -45,9 +54,10 @@ server {
     }
 
     location /vlgrpc { # corresponds to serviceName in vless-grpc config of xray
+        # return 404 if HTTP Method is not POST
         if ($request_method != "POST") {
             return 404;
-        } #POST returns 404 when negotiation fails
+        }
         client_body_buffer_size 1m;
         client_body_timeout 1h;
         client_max_body_size 0;
@@ -56,9 +66,10 @@ server {
     }
 
     location /vmgrpc { # corresponds to serviceName in vmess-grpc config of xray
+        # return 404 if HTTP Method is not POST
         if ($request_method != "POST") {
             return 404;
-        } #POST returns 404 when negotiation fails
+        }
         client_body_buffer_size 1m;
         client_body_timeout 1h;
         client_max_body_size 0;
@@ -67,19 +78,13 @@ server {
     }
     
     location /ssgrpc { # corresponds to serviceName in shadowsocks-grpc config of xray
+        # return 404 if HTTP Method is not POST
         if ($request_method != "POST") {
             return 404;
-        } #POST returns 404 when negotiation fails
+        }
         client_body_buffer_size 1m;
         client_body_timeout 1h;
         client_max_body_size 0;
         grpc_pass grpc://127.0.0.1:3004;
     }
-
-    # Decoy website
-    location / {
-        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; #HSTS
-        root /var/www/html; # Modify to the path of the WEB file stored by yourself (check the permissions)
-        index index.html index.htm;
-    }
 }