一、nginx的网页重写
调整用户浏览的URL,看起来规范 合乎开发及产品人员的需求;为了让搜索引擎收录网站内容,让用户体验更好企业会将动态URL地址伪装成静态地址提供服务,网站更换新域名后,例如,访问京东的360buy.com会跳转到jd.com,根据特殊的变量、目录、客户端信息进行跳转;URL重写有利于网站首选域的确定,对于同一资源页面多条路径的301重定向有助于URL权重的集中
1. 网页的重写
vim /usr/local/nginx/conf/nginx.conf
server {
listen 80;
server_name www.westos.org;
rewrite ^/(.*)$ https://www.westos.org/$1;
}
}
systemctl restart nginx
在测试机中测试
输入curl -I www.westos.org网页会自动跳转到https://www.westos.org
curl -I www.westos.org
2. 不同域名的重写
方法一:
在server1中编写不同域名的重写规则
vim /usr/local/nginx/conf/nginx.conf
server {
listen 80;
server_name www.westos.org;
#rewrite ^/(.*)$ https://www.westos.org/$1;
rewrite ^/bbs$ https://bbs.westos.org permanent;
rewrite ^/bbs/(.*)$ http://bbs.westos.org/$1 permanent;
}
server {
listen 80;
server_name bbs.westos.org;
location / {
root /bbs;
index index.html;
}
}
systemctl reload nginx
在测试机中的本地解析文件中写入解析
vim /etc/hosts
172.25.31.1 server1 server1.example.org www.westos.org bbs.westos.org
访问不同域名的网页,观察网页是否重写
curl bbs.westos.org
curl -I www.westos.org/bbs
curl -I www.westos.org/bbs/index.html
方法二:
将方法一中的设置注释,然后继续写网页重写规则
vim /usr/local/nginx/conf/nginx.conf
server {
listen 80;
server_name www.westos.org bbs.westos.org;
#rewrite ^/(.*)$ https://www.westos.org/$1;
rewrite ^/bbs$ https://bbs.westos.org permanent;
rewrite ^/bbs/(.*)$ http://bbs.westos.org/$1 permanent;
if ($host = "bbs.westos.org") {
rewrite ^/(.*)$ http://www.westos.org/$1 permanent;
}
location / {
root /web;
index index.html;
}
}
systemctl reload nginx
在测试机进行测试
curl -I bbs.westos.org
curl -I bbs.westos.org/index.html
二、盗链和反倒链
1. 盗链的实现
server1中注释掉网页重写内容
vim /usr/local/nginx/conf/nginx.conf
systemctl reload nginx
设置好配置文件,我们需要在server1的/web目录下放入图片
server2的配置文件设置需要盗链的网页
vim /usr/local/nginx/conf/nginx.conf
server {
listen 80;
server_name daolian.westos.com;
charset utf-8;
location / {
root /web;
index index.html;
}
}
在server2中编写盗链网页
vim /web/index.html
<html>
<body>
<br>盗链图片</br>
<img src="http://www.westos.org/vim.jpg">
</body>
</html>
在测试机中设置server2的解析
vim /etc/hosts
172.25.31.2 server2 daolian.westos.org
测试:
在网页中直接输入域名daolian.westos.org,我们可以看到server1中的图片
2. 反倒链
在server1中设置反盗链规则
location / {
root /web;
index index.html;
}
location ~* \.(gif|jpg|png|jpeg)$ {
root /web;
valid_referers none blocked www.westos.org;
if ($invalid_referer) {
return 403; #如果不合法则返回错误信息403
}
}
}
systemctl reload nginx
测试:在网页中输入daolian.westos.org观察
三、openrestry做反向代理
下载openrestry软件,对该软件进行解压和编译
tar zxf openresty-1.15.8.1.tar.gz
cd openresty-1.15.8.1/
./configure --prefix=/usr/local/openresty
gmake && gmake install
解压和编译
安装软件
将nginx配置文件中的实验设置注释掉,写入新的配置信息
vim /usr/local/nginx/conf/nginx.conf
http {
upstream westos {
server 127.0.0.1:8080;
}
proxy_cache_path /tmp/nginxcache levels=1:2 keys_zone=my_cache:10m max_size=10g inactive=60m use_temp_path=off;
server {
listen 80;
server_name www.westos.org;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache my_cache;
proxy_cache_key $host$uri$is_args$args;
proxy_cache_valid 200 304 302 1d;
proxy_pass http://westos;
}
}
}
systemctl reload nginx
#设置本地解析
vim /etc/hosts
172.25.65.1 www.westos.org
curl -I www.westos.org #关闭前访问
systemctl stop nginx
curl -I www.westos.org #关闭后访问,可以看出有缓存
四、openresty+nginx实现监控统计功能
#实验准备
goaccess-1.3.tar.gz
GeoIP-devel-1.5.0-11.el7.x86_64.rpm
#安装和解压软件
yum install -y GeoIP-devel-1.5.0-11.el7.x86_64.rpm
tar zxf goaccess-1.3.tar.gz
#编译和安装
cd goaccess-1.3
./configure --prefix=/usr/local/goaccess --enable-utf8 --enable-geoip=legacy --with-openssl
make && make install
#制作软连接
/usr/local/openresty/nginx/sbin/nginx -s stop
cd /usr/local/goaccess/bin
ln -s /usr/local/goaccess/bin/goaccess /usr/bin
#配置服务
cd /usr/local/nginx/logs
goaccess access.log -o ../html/report.html --real-time-html --time-format='%H:%M:%S' --date-format='%d/%b/%Y' --log-format=COMBINED
#在开启一个shell连接该主机
vim /usr/local/nginx/conf/nginx.conf
server {
listen 8080;
server_name localhost;
}
location /report.html {
alias /usr/local/nginx/html/report.html;
}
systemctl reload nginx
#测试
http://172.25.65.1:8080/report.html