tengine修改服务器名,tengine 的安装部署和配置优化

user  www website;

worker_processes     auto;

worker_cpu_affinity  auto;

error_log  /var/log/nginx/nginx_error.log  error;

pid        /dev/shm/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.

worker_rlimit_nofile 51200;

dso {

load ngx_http_footer_filter_module.so;

load ngx_http_limit_conn_module.so;

load ngx_http_limit_req_module.so;

load ngx_http_sysguard_module.so;

load ngx_http_upstream_ip_hash_module.so;

load ngx_http_upstream_least_conn_module.so;

load ngx_http_upstream_session_sticky_module.so;

}

events

{

use epoll;

worker_connections 51200;

}

http

{

include       mime.types;

default_type  application/octet-stream;

log_format  access  '$remote_addr - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" $http_x_forwarded_for';

open_log_file_cache max=1000 inactive=20s min_uses=2 valid=1m;

server_names_hash_bucket_size 128;

#linux 2.4+

sendfile on;

tcp_nopush     on;

tcp_nodelay on;

#tengine

server_info off;

server_tag off;

#server_tag Apache;

server_tokens off;

server_name_in_redirect off;

keepalive_timeout 60;

client_header_buffer_size 16k;

client_body_timeout 60;

client_max_body_size 8m;

large_client_header_buffers 4 32k;

fastcgi_intercept_errors on;

fastcgi_hide_header X-Powered-By;

fastcgi_connect_timeout 180;

fastcgi_send_timeout 180;

fastcgi_read_timeout 180;

fastcgi_buffer_size 128k;

fastcgi_buffers 4 128K;

fastcgi_busy_buffers_size 128k;

fastcgi_temp_file_write_size 128k;

fastcgi_temp_path /dev/shm;

#open_file_cache max=51200 inactive=20s;

#open_file_cache_valid    30s;

#open_file_cache_min_uses 2;

#open_file_cache_errors   off;

gzip on;

gzip_min_length  1k;

gzip_comp_level 5;

gzip_buffers     4 16k;

gzip_http_version 1.1;

gzip_types       text/plain application/x-javascript text/css application/xml;

gzip_proxied any;

limit_req_log_level error;

limit_req_zone $binary_remote_addr $uri zone=two:30m rate=10r/s;

#访问限制白名单

geo $white_ip {

#ranges;

default 0;

127.0.0.1/32 1;

182.55.21.28/32 1;

192.168.0.0/16 1;

61.199.67.0/24 1;

}

client_body_buffer_size  512k;

proxy_connect_timeout    5;

proxy_read_timeout       60;

proxy_send_timeout       5;

proxy_buffer_size        16k;

proxy_buffers            4 32k;

proxy_busy_buffers_size 64k;

proxy_temp_file_write_size 64k;

#注：proxy_temp_path和proxy_cache_path指定的路径必须在同一分区

proxy_temp_path   /opt/nginx/proxy_temp_dir;

#设置Web缓存区名称为cache_www，内存缓存空间大小为3000MB，1天没有被访问的内容自动清除，硬盘缓存空间大小为30GB。

proxy_cache_path  /opt/nginx/proxy_cache_www  levels=1:2   keys_zone=cache_www:3000m inactive=1d max_size=20g;

upstream www_server {

server   192.168.0.131:80;

}

server

{

listen       80 default;

server_name  _;

return 444;

access_log  off;

}

server

{

listen       80;

server_name

index index.html index.htm index.php;

root  /opt/htdocs/www;

access_log  /var/log/nginx/proxy. access buffer=24k;

if (-d $request_filename){

rewrite ^/(.*)([^/])$ permanent;

}

limit_req_whitelist geo_var_name=white_ip geo_var_value=1;

limit_req zone=two burst=50 forbid_action=/visitfrequently.html;

location @visitfrequently {

rewrite ^ /visitfrequently.html;

}

location ~/\.ht {

deny all;

}

#用于清除缓存，假设一个URL为，通过访问就可以清除该URL的缓存。

location ~ /purge(/.*)

{

#设置只允许指定的IP或IP段才可以清除URL缓存。

allow            127.0.0.1;

allow            192.168.0.0/16;

deny            all;

proxy_cache_purge    cache_www   $host$1$is_args$args;

error_page 405 =200 /purge$1; #处理squidclient purge的时候出现的405错误

}

if ( $request_method = "PURGE" ) {

rewrite ^(.*)$ /purge$1 last;

}

location /

{

error_page 502 504 /502.html;

proxy_set_header Host  $host;

#proxy_set_header X-Forwarded-For  $remote_addr;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_pass

add_header      X-Cache   Cache-Skip;

}

location ~ 404\.html$

{

proxy_set_header Host  $host;

#proxy_set_header X-Forwarded-For  $remote_addr;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_pass

add_header      X-Cache   Cache-Skip;

}

location ~ .*\.(htm|html|)?$

{

#如果后端的服务器返回502、504、执行超时等错误，自动将请求转发到upstream负载均衡池中的另一台服务器，实现故障转移。

proxy_next_upstream http_502 http_504 error timeout invalid_header;

proxy_cache cache_www;

#对不同的HTTP状态码设置不同的缓存时间

proxy_cache_valid  200 304 5m;

#以域名、URI、参数组合成Web缓存的Key值，Nginx根据Key值哈希，存储缓存内容到二级缓存目录内

proxy_cache_key $host$uri$is_args$args;

proxy_set_header Host  $host;

proxy_http_version 1.1;

#proxy_set_header X-Forwarded-For  $remote_addr;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_pass

#支持后台expires

proxy_ignore_headers "Cache-Control" "Expires";

add_header      X-Cache   Cache;

}

location ~* ^.+\.(jpg|jpeg|gif|png|rar|zip|css|js)$ {

valid_referers none blocked *.c1gstudio.com;

if ($invalid_referer) {

rewrite ^/

return 412;

break;

}

access_log   off;

#如果后端的服务器返回502、504、执行超时等错误，自动将请求转发到upstream负载均衡池中的另一台服务器，实现故障转移。

proxy_next_upstream http_502 http_504 error timeout invalid_header;

proxy_cache cache_www;

#对不同的HTTP状态码设置不同的缓存时间

proxy_cache_valid  200 304 5m;

#以域名、URI、参数组合成Web缓存的Key值，Nginx根据Key值哈希，存储缓存内容到二级缓存目录内

proxy_cache_key $host$uri$is_args$args;

proxy_set_header Host  $host;

proxy_http_version 1.1;

#proxy_set_header X-Forwarded-For  $remote_addr;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_pass

#支持后台expires

proxy_ignore_headers "Cache-Control" "Expires";

add_header      X-Cache   Cache;

}

}

}