升级过程
阿里云一直在报错提示有一个nginx漏洞。Nginx HTTP/2和mp4模块远程拒绝服务漏洞
创建文件 /etc/yum.repo.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/mainline/centos/7/$basearch/
gpgcheck=0
enabled=1
如果是RHEL则如下内容
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/mainline/rhel/7/$basearch/
gpgcheck=0
enabled=1
再执行 yum update nginx
即可,升级之后,再重新启动nginx。
报错
nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/vhost/site1.conf:14
nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/vhost/pma.conf:26
移除 ssl on
在 listen 443 http2 ssl
加入即可。nginx 1.17 比 nginx1.12配置更清晰。
状态
[root@f2 vhost]# systemctl status nginx
● nginx.service - nginx - high performance web server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2019-05-21 11:14:47 CST; 2 months 9 days ago
Docs: http://nginx.org/en/docs/
Main PID: 9408 (nginx)
CGroup: /system.slice/nginx.service
├─ 9408 nginx: master process /usr/sbin/nginx
├─ 9410 nginx: worker process is shutting down
├─30376 nginx: worker process
└─30377 nginx: worker process
May 21 11:14:47 fl2 systemd[1]: Starting The nginx HTTP and reverse proxy server...
May 21 11:14:47 fl2 nginx[15219]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
May 21 11:14:47 fl2 nginx[15219]: nginx: configuration file /etc/nginx/nginx.conf test is successful
May 21 11:14:47 fl2 systemd[1]: Started The nginx HTTP and reverse proxy server.
参考:https://www.prado.lt/5-minute-upgrade-nginx-1-12-to-1-17-on-centos-7-rhel-7