LNMP---安装Nginx 及其配置

最新推荐文章于 2024-05-03 21:03:37 发布

置顶狙击姐姐的心

最新推荐文章于 2024-05-03 21:03:37 发布

阅读量2.6k

点赞数 6

文章标签： lnmp

本文链接：https://blog.csdn.net/qq_53318005/article/details/114628177

版权

文章目录

安装Nginx

下载
#cd /usr/local/src/
#wget http://nginx.org/download/nginx-1.16.1.tar.gz
解压
# tar zxf nginx-1.16.1.tar.gz
配置安装
#cd nginx-1.16.1/
#./configure --prefix=/usr/local/nginx
#make && make install
#vi /etc/init.d/nginx
#!/bin/bash
#chkconfig: - 30 21
#description: http service.
#Source Function Library
. /etc/init.d/functions
#Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog=“Nginx”
start()
{
echo -n $ "Starting $prog: "
mkdir -p /dev/shm/nginx_temp
daemon $NGINX_SBIN -c $NGINX_CONF
RETVAL= $?
echo
return $RETVAL
}
stop()
{
echo -n $"Stopping $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -TERM
rm -rf /dev/shm/nginx_temp
RETVAL= $?
echo
return $RETVAL
}
reload()
{
echo -n $"Reloading $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -HUP
RETVAL= $?
echo
return $RETVAL
}
restart()
{
stop
start
}
configtest()
{
$NGINX_SBIN -c $NGINX_CONF -t
return 0
}
case “$1” in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
restart
;;
configtest)
configtest
;;
*)
echo $“Usage: $0 {start|stop|reload|restart|configtest}”
RETVAL=1
esac
exit $RETVAL
#chmod 755 /etc//init.d/nginx
#chkconfig --add nginx
#chkconfig nginx on
#> /usr/local/nginx/conf/nginx.conf
#vim /usr/local/nginx/conf/nginx.conf
user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip ‘$remote_addr $http_x_forwarded_for [ $time_local]’
’ $host " $request_uri" $status’
’ " $http_referer" " $http_user_agent"’;
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
server
{
listen 80;
server_name localhost;
index index.html index.htm index.php;
root /usr/local/nginx/html;
location ~ .php $
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html $fastcgi_script_name;
}
}
}
#/usr/local/nginx/sbin/nginx -t
#vim /usr/local/nginx/conf/nginx.conf
#/usr/local/nginx/sbin/nginx -t
#service nginx start
#ps aux |grep nginx
测试是否正确解析
#vi /usr/local/nginx/html/2.php

<?php echo "test php scripts"; ?>

#curl localhost/2.php
test php scripts //证明解析成功

Nginx配置

默认虚拟主机

配置
#vi /usr/local/nginx/conf/nginx.conf
//首先修改配置文件
在最后一个结束符号}前加一行配置：
include vhost/*.conf;
意思就是/usr/local/nginx/conf/host下面的所有以.conf结尾的文件都会被加载
#mkdir /usr/local/nginx/conf/vhost
#cd /usr/local/nginx/conf/vhost
#vim default.conf
server
{
listen 80 default_server;
server_name aaa.com;
index index.html index.htm index.php;
root /data/nginx/default;
}
#/usr/local/nginx/sbin/nginx -t
*nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful *
#/usr/local/nginx/sbin/nginx -s reload
mkdir -p /data/nginx/default
#echo “default_server” > /data/nginx/default/index.html
//创建索引页
测试
#curl -x127.0.0.1:80 aaa.com
//访问aaa.com
default_server
#curl -x127.0.0.1:80 1212.com
//访问一个没有定义过的域名，也会访问aaa.com
default_server
测试成功

用户认证

配置
#cd /usr/local/nginx/conf/vhost
#vi test.com.conf
server
{
listen 80;
server_name test.com;
index index.html index.htm index.php;
root /data/nginx/test.com;

location /
{
auth_basic “Auth”;
//打开认证
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
//指定用户密码文件
}
}
#yum install -y httpd
//安装httpd，也可以使用之前编译安装的Apache2.4
下面创建和更新用于基本认证的用户认证密码文件：
#htpasswd -c /usr/local/nginx/conf/htpasswd dongying
#/usr/local/nginx/sbin/nginx -t
#/usr/local/nginx/sbin/nginx -s reload
#mkdir /data/nginx/test.com
#echo “test.com” > /data/nginx/test.com/index.html
测试
#curl -I -x127.0.0.1:80 test.com
状态码401
#curl -udongying:000000 -x127.0.0.1:80 test.com
测试成功
#systemctl stop firewalld
# setenforce 0
//关闭防火墙、selinux
编辑C:\Windows\System32\drivers\etc\hosts文件，添加映射
打开浏览器访问test.com

域名重定向

配置
#vi /usr/local/nginx/conf/vhost/test.com.conf
server
{
listen 80;
server_name test.com test1.com test2.com;
//是server_name后面可以跟多个域名
index index.html index.htm index.php;
root /data/nginx/test.com;

if ($ host != ‘test.com’ ){
rewrite ^(.*)$ http://test.com/$1 permanent;
//permanent为永久重定向，相当于httpd的R=301
}
}
#/usr/local/nginx/sbin/nginx -t
#/usr/local/nginx/sbin/nginx -s reload
测试
#curl -x127.0.0.1:80 test1.com/123.txt -I
测试成功

Nginx的访问日志

配置
先来看看Nginx的日志格式
#grep -A2 log_format /usr/local/nginx/conf/nginx.conf

//combined_realip为日志格式名字， $ remote_addr为网站的用户的出口IP；
// $ http_x_forwarded_for 为代理服务器的IP，如果使用了代理，则会记录IP
// $ time_local为当前时间； $host为主机名； $request_uri为访问的URL地址
// $ status为状态码， $http_referer为referer地址， $http_user_agent为user_agent

修改配置文件
#vi /usr/local/nginx/conf/vhost/test.com.conf
server
{
listen 80;
server_name test.com;
index index.html index.htm index.php;
root /data/nginx/test.com;
if ($host != ‘test.com’ ){
rewrite ^(.*) $ http://test.com/$1 permanent;
}
access_log /tmp/1.log combined_realip;
}
//使用access_log来指定日志的存储路径，最后面为日志的格式名字
#/usr/local/nginx/sbin/nginx -t
#/usr/local/nginx/sbin/nginx -s reload
测试
#curl -x127.0.0.1:80 test.com/111 -I
状态码404
#cat /tmp/1.log
127.0.0.1
测试成功

配置静态文件不记录日志并添加过期时间

配置
#vi /usr/local/nginx/conf/vhost/test.com.conf
server
{
listen 80;
server_name test.com test1.com test2.com;
index index.html index.htm index.php;
root /data/nginx/test.com;
if ( $ host != ‘test.com’ ){
rewrite ^(. * )$ http://test.com/ $ 1 permanent;
}
location ~ .* .(gif|jpg|jpeg|png|bmp|swf)$
{
expires 7d;
access_log off;
}
location ~ .*.(js|css)$
{
expires 12h;
}
access_log /tmp/1.log combined_realip;
}
#/usr/local/nginx/sbin/nginx -t
#echo “11111” > /data/nginx/test.com/1.js
//创建js文件
#echo “22222” > /data/nginx/test.com/2.jpg
//创建jpg文件
#touch /data/nginx/test.com/1.jss
//创建一个对比的文件
测试
#curl -I -x127.0.0.1:80 test.com/1.js
状态码200
#curl -I -x127.0.0.1:80 test.com/2.jpg
状态码200
#curl -I -x127.0.0.1:80 test.com/1.jss
状态码200
#cat /tmp/1.log
查看日志
测试成功

Nginx防盗链

配置
#vi /usr/local/nginx/conf/vhost/test.com.conf
server
{
listen 80;
server_name test.com test1.com test2.com;
index index.html index.htm index.php;
root /data/nginx/test.com;
if ($ host != ‘test.com’ ){
rewrite ^(.* )$ http://test.com/ $ 1 permanent;
}
location ~ . * \ . (gif|jpg|jpeg|png|bmp|swf)$
{
expires 7d;
valid_referers none blocked server_names *.test.com ;
if ($invalid_referer) {
return 403;
//如果来源网址的不是test.com的域名，则返回403
}
access_log /tmp/1.log combined_realip;
}
}
#/usr/local/nginx/sbin/nginx -t
#/usr/local/nginx/sbin/nginx -s reload
# service nginx stop
# service nginx start
测试
#curl -x127.0.0.1:80 -e “http://test.com/1.txt” test.com/2.jpg -I
状态码200
#curl -x127.0.0.1:80 -e “http://aaa.com/1.txt” test.com/2.jpg -I
状态码403
测试成功

在这里插入图片描述

访问控制

配置
#vi /usr/local/nginx/conf/vhost/test.com.conf
server
{
listen 80;
server_name test.com test1.com test2.com;
index index.html index.htm index.php;
root /data/nginx/test.com;
location /admin/
{
allow 192.168.63.139;
allow 127.0.0.1;
deny all;
}
}
//使访问admin目录下只允许192.168.63.139和127.0.0.1访问
# /usr/local/nginx/sbin/nginx -t
# /usr/local/nginx/sbin/nginx -s reload
#mkdir /data/nginx/test.com/admin
#echo “123” > /data/nginx/test.com/admin/1.html
测试
#curl -x127.0.0.1:80 test.com/admin/1.html
123
在vmware中给虚拟机添加一块网卡，设置为仅主机模式，查看IP，使用IP为请求代理，访问test.com/admin/1.html
#curl -x192.168.188.128:80 test.com/admin/1.html -I
状态码403
测试成功

在这里插入图片描述

Nginx解析PHP

配置
#vi /usr/local/nginx/conf/vhost/test.com.conf
server
{
listen 80;
server_name test.com test1.com test2.com;
index index.html index.htm index.php;
root /data/nginx/test.com;
if ( $ host != ‘test.com’ ) {
rewrite ^/(.*)$ http://test.com/ $ 1 permanent;
}
location ~ .php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/nginx/test.com$fastcgi_script_name;
}
access_log /tmp/1.log combined_realip;
}
//fastcgi_pass用来指定php-fpm的地址
# vim /data/nginx/test.com/3.php

<?php phpinfo(); ?>

# curl -x192.168.248.128:80 test.com/3.php

<?php phpinfo(); ?>

重新加载nginx
# /usr/local/nginx/sbin/nginx -t
# /usr/local/nginx/sbin/nginx -s reload
# curl -x192.168.248.128:80 test.com/3.php
状态码502；

狙击姐姐的心

关注

6
点赞
踩
7

收藏

觉得还不错? 一键收藏
7
评论
LNMP---安装Nginx 及其配置

文章目录安装NginxNginx配置默认虚拟主机用户认证域名重定向Nginx的访问日志配置静态文件不记录日志并添加过期时间Nginx防盗链访问控制Nginx解析PHP安装Nginx下载 #cd /usr/local/src/ #wget http://nginx.org/download/nginx-1.16.1.tar.gz解压 # tar zxf nginx-1.16.1.tar.gz配置安装 #cd nginx-1.16.1/ #./configure
复制链接

扫一扫