What are the common configurations and techniques of Nginx?
一个站点配置多个域名
server {
listen 80;
server_name ops-coffee.cn b.ops-coffee.cn;
}server_name 后跟多个域名即可,多个域名之间用空格分隔
一个服务配置多个站点
server {
listen 80;
server_name a.ops-coffee.cn;
location / {
root /home/project/pa;
index index.html;
}
}
server {
listen 80;
server_name ops-coffee.cn b.ops-coffee.cn;
location / {
root /home/project/pb;
index index.html;
}
}
server {
listen 80;
server_name c.ops-coffee.cn;
location / {
root /home/project/pc;
index index.html;
}
}基于nginx虚拟主机配置实现,nginx有三种类型的虚拟主机
基于ip的虚拟主机: 需要你的服务器上有多个地址,每个站点对应不同的地址,这种方式使用的比较少
基于端口的虚拟主机: 每个站点对应不同的端口,访问的时候使用ip:port的方式访问,可以修改listen的端口来使用
基于域名的虚拟主机: 使用最广的方式,上边例子中就是用了基于域名的虚拟主机,前提条件是你有多个域名分别对应每个站点,server_name填写不同的域名即可
nginx添加账号密码验证
server {
location / {
auth_basic "please input user&passwd";
auth_basic_user_file key/auth.key;
}
}有很多服务通过nginx访问,但本身没有提供账号认证的功能,就可以通过nginx提供的authbase账号密码认证来实现,可以用以下脚本来生成账号的密码
# cat pwd.pl #!/usr/bin/perl use strict; my $pw=$argv[0] ; print crypt($pw,$pw)."\n";
使用方法:
# perl pwd.pl ops-coffee.cn opf8bimqcaxww # echo "admin:opf8bimqcaxww" > key/auth.key
nginx开启列目录
当你想让nginx作为文件下载服务器存在时,需要开启nginx列目录
server {
location download {
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
}
}autoindex_exact_size: 为on(默认)时显示文件的确切大小,单位是byte;改为off显示文件大概大小,单位kb或mb或gb
autoindex_localtime: 为off(默认)时显示的文件时间为gmt时间;改为on后,显示的文件时间为服务器时间
默认当访问列出的txt等文件时会在浏览器上显示文件的内容,如果你想让浏览器直接下载,加上下边的配置
if ($request_filename ~* ^.*?\.(txt|pdf|jpg|png)$) {
add_header content-disposition 'attachment';
}配置默认站点
server {
listen 80 default;
}当一个nginx服务上创建了多个虚拟主机时默认会从上到下查找,如果匹配不到虚拟主机则会返回第一个虚拟主机的内容,如果你想指定一个默认站点时,可以将这个站点的虚拟主机放在配置文件中第一个虚拟主机的位置,或者在这个站点的虚拟主机上配置listen default
不允许通过ip访问
server {
listen 80 default;
server_name _;
return 404;
}可能有一些未备案的域名或者你不希望的域名将服务器地址指向了你的服务器,这时候就会对你的站点造成一定的影响,需要禁止ip或未配置的域名访问,我们利用上边所说的default规则,将默认流量都转到404去
上边这个方法比较粗暴,当然你也可以配置下所有未配置的地址访问时直接301重定向到你的网站去,也能为你的网站带来一定的流量
server {
rewrite ^/(.*)$ https://ops-coffee.cn/$1 permanent;
}直接返回验证文件
location = /xdfyle6tna.txt {
default_type text/plain;
return 200 'd6296a84657eb275c05c31b10924f6ea';
}很多时候微信等程序都需要我们放一个txt的文件到项目里以验证项目归属,我们可以直接通过上边这种方式修改nginx即可,无需真正的把文件给放到服务器上
nginx配置upstream反向代理
http {
...
upstream tomcats {
server 192.168.106.176 weight=1;
server 192.168.106.177 weight=1;
}
server {
location /ops-coffee/ {
proxy_pass http://tomcats;
proxy_set_header host $host;
proxy_set_header x-real-ip $remote_addr;
proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header x-forwarded-proto $scheme;
}
}
}稍不注意可能会落入一个proxy_pass加杠不加杠的陷阱,这里详细说下proxy_pass http://tomcats与proxy_pass http://tomcats/的区别:
虽然只是一个/的区别但结果确千差万别。分为以下两种情况:
1. 目标地址中不带uri(proxy_pass http://tomcats)。此时新的目标url中,匹配的uri部分不做修改,原来是什么就是什么。
location /ops-coffee/ {
proxy_pass http://192.168.106.135:8181;
}
http://domain/ops-coffee/ --> http://192.168.106.135:8181/ops-coffee/
http://domain/ops-coffee/action/abc --> http://192.168.106.135:8181/ops-coffee/action/abc2. 目标地址中带uri(proxy_pass http://tomcats/,/也是uri),此时新的目标url中,匹配的uri部分将会被修改为该参数中的uri。
location /ops-coffee/ {
proxy_pass http://192.168.106.135:8181/;
}
http://domain/ops-coffee/ --> http://192.168.106.135:8181
http://domain/ops-coffee/action/abc --> http://192.168.106.135:8181/action/abcnginx upstream开启keepalive
upstream tomcat {
server ops-coffee.cn:8080;
keepalive 1024;
}
server {
location / {
proxy_http_version 1.1;
proxy_set_header connection "";
proxy_pass http://tomcat;
}
}nginx在项目中大多数情况下会作为反向代理使用,例如nginx后接tomcat,nginx后接php等,这时我们开启nginx和后端服务之间的keepalive能够减少频繁创建tcp连接造成的资源消耗,配置如上
keepalive: 指定每个nginxworker可以保持的最大连接数量为1024,默认不设置,即nginx作为client时keepalive未生效
proxy_http_version 1.1: 开启keepalive要求http协议版本为http 1.1
proxy_set_header connection "": 为了兼容老的协议以及防止http头中有connection close导致的keepalive失效,这里需要及时清掉http头部的connection
404自动跳转到首页
server {
location / {
error_page 404 = @ops-coffee;
}
location @ops-coffee {
rewrite .* / permanent;
}
}网站出现404页面不是特别友好,我们可以通过上边的配置在出现404之后给自动跳转到首页去
The above is the detailed content of What are the common configurations and techniques of Nginx?. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1359
52
How to allow external network access to tomcat server
Apr 21, 2024 am 07:22 AM
To allow the Tomcat server to access the external network, you need to: modify the Tomcat configuration file to allow external connections. Add a firewall rule to allow access to the Tomcat server port. Create a DNS record pointing the domain name to the Tomcat server public IP. Optional: Use a reverse proxy to improve security and performance. Optional: Set up HTTPS for increased security.
How to run thinkphp
Apr 09, 2024 pm 05:39 PM
Steps to run ThinkPHP Framework locally: Download and unzip ThinkPHP Framework to a local directory. Create a virtual host (optional) pointing to the ThinkPHP root directory. Configure database connection parameters. Start the web server. Initialize the ThinkPHP application. Access the ThinkPHP application URL and run it.
Welcome to nginx!How to solve it?
Apr 17, 2024 am 05:12 AM
To solve the "Welcome to nginx!" error, you need to check the virtual host configuration, enable the virtual host, reload Nginx, if the virtual host configuration file cannot be found, create a default page and reload Nginx, then the error message will disappear and the website will be normal show.
How to communicate between docker containers
Apr 07, 2024 pm 06:24 PM
There are five methods for container communication in the Docker environment: shared network, Docker Compose, network proxy, shared volume, and message queue. Depending on your isolation and security needs, choose the most appropriate communication method, such as leveraging Docker Compose to simplify connections or using a network proxy to increase isolation.
How to register phpmyadmin
Apr 07, 2024 pm 02:45 PM
To register for phpMyAdmin, you need to first create a MySQL user and grant permissions to it, then download, install and configure phpMyAdmin, and finally log in to phpMyAdmin to manage the database.
How to deploy nodejs project to server
Apr 21, 2024 am 04:40 AM
Server deployment steps for a Node.js project: Prepare the deployment environment: obtain server access, install Node.js, set up a Git repository. Build the application: Use npm run build to generate deployable code and dependencies. Upload code to the server: via Git or File Transfer Protocol. Install dependencies: SSH into the server and use npm install to install application dependencies. Start the application: Use a command such as node index.js to start the application, or use a process manager such as pm2. Configure a reverse proxy (optional): Use a reverse proxy such as Nginx or Apache to route traffic to your application
How to generate URL from html file
Apr 21, 2024 pm 12:57 PM
Converting an HTML file to a URL requires a web server, which involves the following steps: Obtain a web server. Set up a web server. Upload HTML file. Create a domain name. Route the request.
What to do if the installation of phpmyadmin fails
Apr 07, 2024 pm 03:15 PM
Troubleshooting steps for failed phpMyAdmin installation: Check system requirements (PHP version, MySQL version, web server); enable PHP extensions (mysqli, pdo_mysql, mbstring, token_get_all); check configuration file settings (host, port, username, password); Check file permissions (directory ownership, file permissions); check firewall settings (whitelist web server ports); view error logs (/var/log/apache2/error.log or /var/log/nginx/error.log); seek Technical support (phpMyAdmin
