linux下安装nginx和配置nginx服务下某一文件夹下的时间和MD5校验
Niginx + LUA实现对Ngin下html文件夹内资源的动态访问认证
注意版本号和路径
安装nginx
yum -y install gcc zlib zlib-devel pcre-devel openssl openssl-devel
http://nginx.org/download/nginx-1.17.3.tar.gz
http://nginx.org/download/nginx-1.17.3.tar.gz
http://nginx.org/download/nginx-1.17.3.tar.gz
安装 Nginx 依赖环境
yum install gcc gcc-c++ make automake autoconf libtool pcre* zlib openssl openssl-devel
解压安装包
cd /root
tar zxvf LuaJIT-2.0.5.tar.gz
tar zxvf lua-nginx-module-0.10.13.tar.gz
tar zxvf nginx-1.15.1.tar.gz
LuaJIT 安装
cd /root/LuaJIT-2.0.5
make && make install
Nginx 添加 lua_nginx_module 模块安装
cd /root/nginx-1.15.1
./configure --add-module=…/lua-nginx-module-0.10.13/
make && make install
查看 Nginx 是否安装成功
/usr/local/nginx/sbin/nginx -v
配置Nginx环境变量,方便进行Nginx服务的启动与停止
vi /etc/profile
PATH=$PATH:/usr/local/nginx/sbin
export PATH
启动nginx
nginx
停止nginx
nginx -s stop
重启nginx
nginx -s reload
永久开始80端口
firewall-cmd --zone=public --add-port=80/tcp --permanent
重启防火墙
firewall-cmd --reload
查看防火墙状态
systemctl status firewalld
在配置文件中server节点下加入location
#修改掉原来的过滤器
配置文件完整版在下图
没用上的部分,已经找到原因
nginx安装成功,但没有起到拦截作用
[Lua value为nil判断]
(https://www.cnblogs.com/Braveliu/p/11503160.html)
配置文件没有写对,需要重新写
一些参数没有获取到
传参方式
Linux下wget或curl的操作详解
'salt’没有起作用,token没有传递过去
原因:Linux不能识别’&’
- curl 'url’这样才能识别&符 curl url 不能识别&
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-KLIodVv4-1574670280517)(Oss-server对象存储后台管理_files/4.jpg)]
ping不通原因
nginx配置文件
linux的nginx服务器实现校验功能
nginx.conf如下:
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
# log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
location /oss/files/ {
access_by_lua '
-- 获取请求路径,不包括参数。例如:/group1/M00/00/00/wKjlpltF-K-AZQQsAABhhboA1Kk469.png
local uri = ngx.var.uri;
-- 获取请求参数
local args = ngx.req.get_uri_args();
-- 获取请求参数中时间戳信息,传入的是毫秒
local ts = args["ts"];
-- 获取请求参数中 token 信息
local token1 =args["token"];
local errs = "没有访问权限"; --定义错误提示消息
-- 更新系统缓存时间戳
ngx.update_time();
-- 获取当前服务器系统时间,ngx.time() 获取的是秒
local getTime = ngx.time() * 1000;
-- 计算时间差
local diffTime = tonumber(ts) - getTime;
-- md5 加盐加密
local token2 = ngx.md5(tostring(uri) .. "salt" .. tostring(ts));
--时间无效
if(tonumber(diffTime) <= 0) then
ngx.status = ngx.HTTP_FORBIDDEN;
ngx.say(errs);
ngx.exit(200);
end
--MD5校验
if token1 ~= token2 then
ngx.status = ngx.HTTP_FORBIDDEN;
ngx.say(errs);
ngx.exit(200);
end
';
#校验通过,允许访问资源
root html;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}