Proxy模块,用于把请求后抛给服务器节点或upstream服务器池
常用配置,具体看手册
请求头传递
proxy_redirect off ;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 50m;
client_body_buffer_size 256k;
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 60;
proxy_buffer_size 256k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_max_temp_file_size 128m;
proxy_pass http://nginx.23673.com;
user root;
worker_processes 1;
#跟cpu核数一致
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
#limit_req_zone 113.246.155.223 zone=one:1m rate=1r/s;
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log /usr/local/nginx/logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
#include /usr/local/nginx/conf/default/*.conf;
#判断客户端地址是否在白名单列表,如果在返回0在白名单列表,否则返回1
geo $white {
default 1;
#include '/conf/ip.conf';
127.0.0.1/32 0;
192.168.1.0/24 0;
}
#如果满足条件返回二进制ip地址
map $white $limit {
1 $binary_remote_addr;
0 "";
}
limit_req_zone $limit zone=two:10m rate=1r/s;
limit_req_status 503;
limit_req_log_level info;
#设置缓存目录
proxy_cache_path /usr/local/nginx/cache levels=1:2 keys_zone=my_cache:10m max_size=1g inactive=10s use_temp_path=off;
server {
listen 80;
server_name nginx.23673.com;
access_log /usr/local/nginx/logs/$host main;
set $test "server.log";
gzip on;
gzip_comp_level 6;
gzip_types application/javascript text/css;
location ~ \.php$ {
proxy_http_version 1.1;
proxy_pass https://www.jd.com;
#请求头设置
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header connection keep-alive;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#时间设置
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 60;
proxy_cache my_cache; #开启缓存了
proxy_cache_valid 200 302 10m; #不同的响应头设置不同缓存时间
proxy_cache_valid 404 1m;
#proxy_hide_header
}
location / {
#limit_req zone=one burst=3 nodelay;
root /www;
#limit_req zone=two;
#default_type text/html;
#return 200 "$limit";
index nginx.23673.html index.htm;
}
#~* \.(gif|jpeg|jpg|mp3)$
#location ^~ /img/ {
# alias /www/img/;
#alias /www/img/1.jpg 正则匹配出完整路径
# expires 10s;
# access_log off;
#}
#正则匹配的形式
location ~* (.*)(\.gif|jpeg|jpg|mp3)$ {
alias /www/img/$1$2;
#alias /www/img/1.jpg 正则匹配出完整路径
expires 10s;
access_log off;
}
# server_name_in_redirect off;
location /if {
#if ( $http_user_agent ~* (mobile|nokia|iphone|ipad|android|samsung|htc|blackberry) ) {
# rewrite ^(.*) http://peter.23673.com$1 permanent;
#}
#匹配文件不存在
#if (!-e $request_filename) {
#proxy_pass http://127.0.0.1:9501;
#}
}
#隐藏index.php xxxx/api/public/index.php -> xxxx/api/aa/bb
location /api {
#匹配文件不存在
#if (!-e $request_filename) {
#}
#rewrite ^/api/(.*)$ /api/public/index.html/$1 break;
#框架根据请求地址,路由
#rewrite ^/api/(.*)$ /abc/public/index.html/$1 last; 隐藏了真实的路径
}
location /abc/ {
root /www;
}
location /ecshop {
root /www;
#商品页面
# /ecshop/goods-3.html ---->/ecshop/goods.php?id=3
rewrite goods-(\d+)\.html$ /ecshop/goods.php?id=$1 break;
# 栏目页面
#/ecshop/category-2-b1.html -> /ecshop/category.php?id=3&brand=1
}
#location ~.*\.(sql|log|txt|jar|war|sh|py|php) {
# deny all;
#}
location /test {
root /www;
allow 47.98.147.49;
deny 192.168.1.0/24;
deny 113.246.155.223;
deny all;
#index nginx.23673.html index.htm;
}
#location ^~ /test {
# default_type text/html;
# return 200 'test';
#}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}