1、虚拟主机
[root@server1 conf]# pwd
/usr/local/lnmp/nginx/conf
[root@server1 conf]# vim nginx.conf
http{
...
121 server{
122 listen 80;
123 server_name www.westos.org;
124
125 location /{
126 root /www1;
127 index index.html;
128 }
129 }
130 server{
131 listen 80;
132 server_name www.linux.org;
133
134 location /{
135 root /www2;
136 index index.html;
137 }
138 }
139 }
[root@server1 conf]# cd /www1
[root@server1 www1]# cat index.html
www.westos.org
[root@server1 www1]# cd /www2
[root@server1 www2]# cat index.html
www.linux.org
[root@server1 www2]# nginx -s reload
测试:
2.https
[root@server1 ~]# cd /usr/local/lnmp/nginx/conf/
[root@server1 conf]# vim nginx.conf
#HTTPS server
server {
listen 443 ssl;
server_name www.westos.org;
ssl_certificate cert.pem;
ssl_certificate_key cert.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root /www1;
index index.html index.htm;
}
}
[root@server1 conf]# nginx -t
nginx: [emerg] BIO_new_file("/usr/local/lnmp/nginx/conf/cert.pem") failed (SSL: \
error:02001002:system library:fopen:No such file or directory:fopen('/usr/local/lnmp/nginx\
/conf/cert.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
[root@server1 conf]# cd /etc/pki/tls/certs
[root@server1 certs]# make cert.pem
[root@server1 certs]# cp cert.pem /usr/local/lnmp/nginx/conf/
[root@server1 certs]# nginx -t
[root@server1 certs]# nginx -s reload
测试:
浏览器输入:www.westos.org
3、重定向
[root@server1 conf]# vim nginx.conf
server{
listen 80;
server_name www.westos.org westos.org;
rewrite ^(.*)$ https://www.westos.org permanent;
}
[root@server1 conf]# nginx -t
[root@server1 conf]# nginx -s reload
301永久重定向 302临时重定向
server{
listen 80;
server_name www.westos.org westos.org;
rewrite ^(.*)$ https://www.westos.org$1 permanent;
}
server{
listen 80;
server_name www.westos.org westos.org;
rewrite ^/bbs$ http://bbs.westos.org permanent;
}
server{
listen 80;
server_name www.westos.org westos.org;
rewrite ^/bbs/(.*)$ http://bbs.westos.org/$1 permanent;
}
server{
listen 80;
server_name bbs.westos.org;
rewrite ^/(.*)$ http://www.westos.org/bbs/$1 permanent;
}
server{
listen 80;
server_name www.westos.org westos.org bbs.westos.org;
//Nginx支持正则匹配,这可以减少server的数量
if ($host = "bbs.westos.org"){
rewrite ^/(.*)$ http://www.westos.org/bbs/$1 permanent;
}
location /{
root /www1;
index index.html;
}
}
4、防盗链
(1)首先,我们先看看盗链过程:
server1:
[root@server1 conf]# vim nginx.conf
server{
listen 80;
server_name www.westos.org westos.org
location /{
root /www1;
index index.html;
}
[root@server1 www1]# ls images/ //server1的/www1/images下有一张图片
iso7.gif
server2:
[root@server2 html]# cat index.html
<html>
<body>
<img src="http://www.westos.org/images/vim.jpg">
</body>
</html>
//server2将其默认发布页设为server1主机上的图片
[root@server2 html]# /etc/init.d/httpd restart
测试: 访问server2时,访问到了server1的图片
(2)防盗链
server1服务器防盗链
[root@server1 conf]# vim nginx.conf
server{
listen 80;
server_name www.westos.org westos.org
location ~ \.(gif|jpg|png)$ {
root /www1;
valid_referers none blocked www.westos.org;
if ($invalid_referer) {
return 403;
}
}
测试:再次访问时将不能访问
(3)我们不仅可以在其盗链时直接拒绝,还可以做个重定向
[root@server1 conf]# vim nginx.conf
location ~ \.(gif|jpg|png)$ {
root /www1;
valid_referers none blocked www.westos.org;
if ($invalid_referer) {
rewrite ^/ http://bbs.westos.org/daolian.jpg;
}
}
server{
listen 80;
server_name bbs.westos.org;
location / {
root /www2;
index index.html;
}
}
[root@server1 www2]# ls
daolian.jpg index.html
测试: