一、安裝nginx
[root@lnmp conf]# tar zxvf nginx-1.8.0.tar.gz
[root@lnmp conf]# cd nginx-1.8.0
[root@lnmp conf]# ./configure --prefix=/usr/local/nginx
[root@lnmp conf]# make && make install
[root@lnmp conf]# vim /etc/init.d/nginx
#!/bin/bash
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
start()
{
echo -n $"Starting $prog: "
mkdir -p /dev/shm/nginx_temp
daemon $NGINX_SBIN -c $NGINX_CONF
RETVAL=$?
echo
return $RETVAL
}
stop()
echo -n $"Stopping $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -TERM
rm -rf /dev/shm/nginx_temp
reload()
echo -n $"Reloading $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -HUP
restart()
stop
start
configtest()
$NGINX_SBIN -c $NGINX_CONF -t
return 0
case "$1" in
start)
start
;;
stop)
stop
reload)
reload
restart)
restart
configtest)
configtest
*)
echo $"Usage: $0 {start|stop|reload|restart|configtest}"
RETVAL=1
esac
exit $RETVAL
[root@lnmp conf]# chmod 755 /etc/init.d/nginx
[root@lnmp conf]# chkconfig --add nginx
[root@lnmp conf]# chkconfig nginx on
[root@lnmp conf]# mv nginx.conf nginx.conf.bak
[root@lnmp conf]# vim /usr/local/nginx/conf/nginx.conf
user nobody nobody; (啟動nginx的使用者)
worker_processes 2; (定義子程序)
error_log /usr/local/nginx/logs/nginx_error.log crit; (錯誤日志)
pid /usr/local/nginx/logs/nginx.pid; (pid位置)
worker_rlimit_nofile 51200; (最多打開多少檔案)
events
use epoll;
worker_connections 6000; (程序最多多少連接配接)
}
http
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
' $host "$request_uri" $status'
' "$http_referer" "$http_user_agent"';
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
server (http服務)
{
listen 80; (監聽80端口)
server_name localhost; (設定域名)
index index.html index.htm index.php; (設定首頁)
root /usr/local/nginx/html; (設定通路主目錄)
location ~ \.php$ (定義php解析)
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
#fastcgi_pass 127.0.0.1:9000; (和上面一行的意思相同,隻是不同的寫法,監聽127.0.0.1:9000)
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
}
}
[root@lnmp conf]# /usr/local/nginx/sbin/nginx -t (檢查文法錯誤)
[root@lnmp conf]# /etc/init.d/nginx start (啟動nginx)
[root@lnmp conf]# netstat -lntp |grep 80 (檢視80端口)
[root@lnmp conf]# ps aux |grep nginx (檢視nginx服務,可看到2個work子程序)
二、nginx預設虛拟主機
Nginx預設主機:
[root@lnmp ~]# vim /usr/local/nginx/conf/nginx.conf (删除server及下面的,在http最後添加)
include vhost/*.conf; (指定虛拟主機目錄,并讀取以.conf結尾的檔案)
:wq退出儲存
[root@lnmp ~]# mkdir /usr/local/nginx/conf/vhost (建立虛拟主機目錄)
[root@lnmp ~]# vim aaa.com.conf (建立虛拟主機配置檔案并添加以下内容:)
server
listen 80 default_server; (紅色的字表示設定這個虛拟主機為預設虛拟主機)
server_name aaa.com;
index index.html index.htm index.php;
root /data/wwwroot/default;
[root@lnmp vhost]# mkdir -p /data/wwwroot/default/ (建立虛拟主機的通路目錄)
[root@lnmp vhost]# echo "This is a default site." >/data/wwwroot/default/index.html (編寫虛拟主機首頁)
[root@lnmp vhost]# /usr/local/nginx/sbin/nginx -t (檢查配置檔案文法錯誤)
[root@lnmp vhost]# /usr/local/nginx/sbin/nginx -s reload (重新加載配置檔案)
[root@lnmp vhost]# curl localhost (curl本機,發現到達nginx的虛拟主機首頁)
This is a default site.
!!:還有一個需要注意的是,如果不加紅色字型的字段,再找server時會根據檔案名排序,比如:aaa.com.cnf和bbb.com.cnf,aaa肯定是在前,是以aaa.com.cnf是預設虛拟主機
三、Nginx使用者認證
nginx使用者認證
用到了之前httpd的htpasswd功能。
[root@lnmp ~]# vim /usr/local/nginx/conf/vhost/test.com.conf (建立一個虛拟主機)
listen 80;
server_name test.com;
root /data/wwwroot/test.com;
location /
auth_basic "Auth"; (定義使用者認證的名字)
auth_basic_user_file /usr/local/nginx/conf/htpasswd (定義使用者名密碼檔案)
因為要使用到httpd的htpasswd功能,則需要安裝httpd,可以直接yum安裝,直接敲htpasswd指令,
[root@lnmp ~]# htpasswd -c /usr/local/nginx/conf/htpasswd lty (c是生成使用者檔案,若要添加則不需要,否則會覆寫原檔案)
New password:
Re-type new password:
Adding password for user lty
檢查文法錯誤,并且重新加載配置檔案:(如果配置檔案出現錯誤,reload不會使錯誤的配置檔案生效)
[root@lnmp ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@lnmp ~]# /usr/local/nginx/sbin/nginx -s reload
檢測:
[root@lnmp ~]# curl -x127.0.0.1:80 test.com -I (不加使用者發現401,需要使用者認證)
HTTP/1.1 401 Unauthorized
Server: nginx/1.8.0
Date: Thu, 14 Dec 2017 04:15:02 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
WWW-Authenticate: Basic realm="Auth"
[root@lnmp ~]# curl -ulty:westos -x127.0.0.1:80 test.com (-u指定使用者和密碼後,傳回值)
test.com
1.需求;通路一個目錄或者檔案時,才需要使用者認證。
實作:
[root@lnmp ~]# vim /usr/local/nginx/conf/vhost/test.com.conf
location /admin (使用者認證時加上admin目錄)
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
檢測文法錯誤并且重新加載配置檔案:
[root@lnmp ~]# curl -x127.0.0.1:80 test.com (通路test.com時不需要密碼也可以傳回值)
[root@lnmp ~]# curl -x127.0.0.1:80 test.com/admin (通路test.com下的admin時,401需要使用者認證)
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.8.0</center>
</body>
</html>
需求,通路test.com下的1.php需要使用者認證,
location /admin/1.php (這裡修改比對到1.php)
[root@lnmp ~]# curl -x127.0.0.1:80 test.com/admin/1.php (不加使用者密碼通路發現401)
[root@lnmp ~]# curl -ulty:westos -x127.0.0.1:80 test.com/admin/1.php (加使用者密碼通路則正常傳回)
touch file.php
四、nginx域名重定向
httpd配置檔案裡server_name後面不支援寫多個域名,就算寫了多個,也預設識别第一個
nginx的配置檔案server_name後面則支援寫多個域名,
server_name test.com test1.com test2.com; (server_name後跟多個域名)
if ($host != 'test.com' ) { (如果域名不是test.com)
rewrite ^/(.*)$ http://test.com/$1 permanent; (rewrite到test.com,permanent301報錯 redirect302報錯)
檢查文法錯誤并且重新加載配置檔案:
[root@lnmp ~]# curl -x127.0.0.1:80 test1.com/admin/1.php -I (通路test1時,提示301,跳轉到test.comx下)
HTTP/1.1 301 Moved Permanently
Date: Thu, 14 Dec 2017 05:03:32 GMT
Content-Length: 184
Location: http://test.com/admin/1.php
[root@lnmp ~]# curl -x127.0.0.1:80 test2.com/admin/1.php -I (通路test2時,提示301,跳轉到test.comx下)
Date: Thu, 14 Dec 2017 05:03:38 GMT
五、Nginx配置檔案詳解
<a href="http://www.ha97.com/5194.html">http://www.ha97.com/5194.html</a>
<a href="https://my.oschina.net/duxuefeng/blog/34880">https://my.oschina.net/duxuefeng/blog/34880</a>
本文轉自 小新銳 51CTO部落格,原文連結:http://blog.51cto.com/13407306/2057083,如需轉載請自行聯系原作者
![修改or隐藏nginx版本号[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)