Nginx优化
目录
[root@localhost ~]#cd /opt/
[root@localhost opt]#ls
nginx-1.18.0 nginx-1.18.0.tar.gz
[root@localhost opt]#date +%F
2023-08-28
[root@localhost opt]#touch `date +%F`-access.log
[root@localhost opt]#ls
2023-08-28-access.log nginx-1.18.0 nginx-1.18.0.tar.gz
1. event事件
events {
worker_connections 65536; #设置单个工作进程的最大并发连接数
use epoll;
#使用epoll事件驱动,Nginx支持众多的事件驱动,比如:select、poll、epoll,只能设置在events模块中设置。
accept_mutex on; (默认关闭,业务量不大开启)
#on为同一时刻一个请求轮流由work进程处理,而防止被同时唤醒所有worker,避免多个睡眠进程被唤醒的设置,默认为off,新请求会唤醒所有worker进程,此过程也称为"惊群",因此nginx刚安装完以后要进行适当的优化。建议设置为on
multi_accept on; (建议打开)
#ON时Nginx服务器的每个工作进程可以同时接受多个新的网络连接,此指令默认为off,即默认为一个工作进程只能一次接受一个新的网络连接,打开后几个同时接受多个。建议设置为on
}
2. http设置
- http 是一个大的语句块,包含若干个小的语句块(比如server语句块)
- http对web进行设置
- server对服务器、主机进行设置,server中包含location
格式:
http {
server {
location {
}
}
}
#日志配置部分
#远端地址 远端用户 本地时间 请求头
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
#状态 主体 从哪个网页跳转过来的,直接访问没有跳转
# '$status $body_bytes_sent "$http_referer" '
#什么浏览器访问
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
1.1 自定义图标
【定制小图标】
[root@localhost ~]#wget www.jd.com/favicon.ico
#放到主目录就可以了
[root@localhost ~]#ls
anaconda-ks.cfg favicon.ico initial-setup-ks.cfg 公共 模板 视频 图片 文档 下载 音乐 桌面
[root@localhost opt]#vim /apps/nginx/conf/nginx.conf
#将图标保存到指定目录访问:
location = /favicon.ico {
root /data/nginx/html/pc/images;
[root@localhost opt]#mkdir images
[root@localhost opt]#cp favicon.ico images/
[root@localhost opt]#nginx -s reload
1.2 404
[root@localhost ~]#vim /apps/nginx/conf/nginx.conf
[root@localhost ~]#cd /opt/images/
[root@localhost images]#ls
favicon.ico
[root@localhost images]#vim 404.html
[root@localhost images]#nginx -s reload
1.3 mime
[root@localhost ~]#cat /apps/nginx/conf/mime.types | head
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
1.4 server下的root
root路径格式:指定文件的路径 url
Syntax: root path;
Default:
root html;
Context: http, server, location
root作用:指明软件根目录
1.5 server块构建虚拟主机
- 实际只有1台,好像有多台主机
主机一
[root@localhost ~]#vim /apps/nginx/conf/nginx.conf
#修改配置文件 要放在 http 模块里
include /etc/nginx/mime.types;
include /apps/nginx/conf.d/*.conf;
[root@localhost ~]#cd /apps/nginx/
[root@localhost nginx]#ls
client_body_temp conf fastcgi_temp html logs proxy_temp sbin scgi_temp uwsgi_temp
[root@localhost nginx]#mkdir conf.d
#建立子配置文件
[root@localhost nginx]#ls
client_body_temp conf conf.d fastcgi_temp html logs proxy_temp sbin scgi_temp uwsgi_temp
[root@localhost nginx]#cd conf.d/
[root@localhost conf.d]#vim pc.conf
server {
listen 80;
server_name www.pc.com;
root /data/nginx/html/pc/;
}
[root@localhost conf.d]#cp pc.conf m.conf
[root@localhost conf.d]#vim m.conf
server{
listen 80;
server_name www.m.com;
root /opt/html/m;
}
[root@localhost conf.d]#cd /opt/
[root@localhost opt]#ls
favicon.ico images nginx-1.18.0 nginx-1.18.0.tar.gz
[root@localhost opt]#mkdir -p html/{pc,m}
[root@localhost opt]#ls
favicon.ico html images nginx-1.18.0 nginx-1.18.0.tar.gz
[root@localhost opt]#tree
[root@localhost opt]#nginx -s reload
[root@localhost ~]#vim /etc/hosts
[root@localhost ~]#cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.8.100 www.pc.com www.m.com
主机二
[root@localhost ~]#curl www.pc.com
pcpcpcp
[root@localhost ~]#curl www.m.com
mmmmmmmm
主机一
[root@localhost ~]#cd /apps/nginx/conf.d/
[root@localhost conf.d]#ls
m.conf pc.conf
[root@localhost conf.d]#vim m.conf
[root@localhost conf.d]#cat m.conf
server{
listen 999;
server_name www.m.com;
root /opt/html/m;
}
[root@localhost conf.d]#nginx -s reload
主机二
[root@localhost ~]#curl 192.168.8.100
pcpcpcp
[root@localhost ~]#curl 192.168.8.100:999
mmmmmmmm
主机一
[root@localhost conf.d]#vim pc.conf
[root@localhost conf.d]#vim m.conf
[root@localhost conf.d]#cat pc.conf
server{
listen 192.168.8.100:80;
server_name www.pc.com;
root /opt/html/pc;
}
[root@localhost conf.d]#cat m.conf
server{
listen 192.168.8.188:80;
server_name www.m.com;
root /opt/html/m;
}
[root@localhost conf.d]#nginx -s reload
[root@localhost conf.d]#ifconfig ens33:0 192.168.8.188/24
主机二
[root@localhost ~]#curl 192.168.8.100
pcpcpcp
[root@localhost ~]#curl 192.168.8.188
mmmmmmmm
1.6 alias 别名
别名设置
server {
listen 80;
server_name www.kgc.com;
location /news {
root /opt/nginx/html/pc/;
#相当于追加 将文件夹news追加到/opt/nginx/html/pc/news
}
location /study{
alias /mnt/nginx/sports/;
#相当于替换 你访问 study 就是访问/mnt/nginx/sports
}
}
主机一:
[root@localhost ~]#cd /apps/nginx/
[root@localhost nginx]#ls
client_body_temp conf conf.d fastcgi_temp ht
[root@localhost nginx]#cd conf.d
[root@localhost conf.d]#ls
[root@localhost conf.d]#vim pc.conf
[root@localhost conf.d]#cat pc.conf
server {
listen 192.168.8.100:80;
server_name www.pc.com;
location /wwe {
root /opt/html;
}
}
#root相当于追加在后面
[root@localhost conf.d]#nginx -s reload
[root@localhost opt]#mkdir html
[root@localhost opt]#cd html
[root@localhost html]#ls
[root@localhost html]#mkdir wwe
[root@localhost html]#ls
wwe
[root@localhost html]#echo wwe > wwe/index.html
主机二:
[root@localhost ~]#curl 192.168.8.100/wwe/
wwe
主机一:
[root@localhost conf.d]#vim pc.conf
[root@localhost conf.d]#cat pc.conf
server {
listen 192.168.8.100:80;
server_name www.pc.com;
location /wwe {
root /opt/html;
}
location /oop {
alias /opt/html;
}
}
#alias相当于等价置换
[root@localhost conf.d]#nginx -s reload
[root@localhost html]#echo oop > index.html
[root@localhost html]#cat index.html
oop
[root@localhost html]#ls
index.html wwe
[root@localhost html]#pwd
/opt/html
主机二:
[root@localhost ~]#curl 192.168.8.100/oop/
oop
1.7 location匹配
location / { #匹配根及根后面的
root html;
index index.html index.htm; #先找index.html,后找index.htm,找不到显示404
}
location = /favicon.ico { #精确匹配
root /data/images;
}
- location作用:去匹配 www.baidu.com/
- url:统一资源定位符(文件路径描述符)
- location只能写在server里,location也可以嵌套location
#语法规则:
location [ = | ~ | ~* | ^~ ] uri { ... }
= #用于标准url前,需要请求字串与uri精确匹配,大小敏感,如果匹配成功就停止向下匹配并立即处理请求
^~ #用于标准url前,表示包含正则表达式,并且匹配以指定的正则表达式开头,对URI的最左边部分做匹配检查,不区分字符大小写
~ #用于标准url前,表示包含正则表达式,并且区分大小写
~* #用于标准url前,表示包含正则表达式,并且不区分大写
不带符号 #匹配起始于此uri的所有的uri
\ #用于标准url前,表示包含正则表达式并且转义字符。可以将 . * ?等转义为普通符号
#匹配优先级从高到低:
=, ^~, ~/~*, 不带符号
#越精确优先级越高
location = / { #精确匹配
[ configuration A ]
}
location / { #不带符号,匹配所有
[ configuration B ]
}
location /documents/ { #起始域documents,不带符号
[ configuration C ]
}
location ^~ /images/ { #以images开头
[ configuration D ]
}
location ~* \.(gif|jpg|jpeg)$ { #以.gif.jpg.jpeg开头不区分大小写
[ configuration E ]
}
www.baidu.com/documents/document.html
www.baidu.com/documents/1.jpg
访问路径是 /
访问路径是 /index.html
访问路径是 /documents/document.html
访问路径是 /images/1.gif
访问路径是 /documents/1.jpg
- 主机一:
[root@localhost conf.d]#vim pc.conf
[root@localhost conf.d]#cat pc.conf
server {
listen 80;
server_name www.pc.com;
location =/index.html {
root /mnt/html;
}
location /index.html {
root /opt/html;
}
}
[root@localhost conf.d]#nginx -s reload
[root@localhost html]#cd /mnt
[root@localhost mnt]#echo mnt > index.html
[root@localhost mnt]#cat index.html
mnt
[root@localhost mnt]#ls
index.html
[root@localhost mnt]#mkdir html
[root@localhost mnt]#mv index.html html/
[root@localhost mnt]#ls
html
[root@localhost mnt]#nginx -s reload
主机二:
[root@localhost ~]#curl 192.168.8.100/
mnt
- 主机一:
[root@localhost conf.d]#vim pc.conf
[root@localhost conf.d]#cat pc.conf
server {
listen 80;
server_name www.pc.com;
location /index.html {
root /mnt/html;
}
location ~* /A.?\.jpg {
root /opt/html;
}
}
[root@localhost conf.d]#nginx -s reload
[root@localhost html]#cd /opt
[root@localhost opt]#ls
favicon.ico html images index.html nginx-1.18.0 nginx-1.18.0.tar.gz
[root@localhost opt]#cd html/
[root@localhost html]#ls
index.html wwe
[root@localhost html]#rz -E
rz waiting to receive.
[root@localhost html]#ls
a.jpg index.html wwe
[root@localhost html]#pwd
/opt/html
浏览器
浏览器访问192.168.8.100/A.jpg
访问失败,因为系统区分大小写
[root@localhost html]#cp a.jpg A.jpg
[root@localhost html]#ls
a.jpg A.jpg index.html wwe
[root@localhost conf.d]#vim pc.conf
[root@localhost conf.d]#cat pc.conf
server {
listen 80;
server_name www.pc.com;
location = /1.jpg {
root /data/nginx/static1;
index index.html;
}
location /1.jpg {
root /data/nginx/static2;
index index.html;
}
location ~* \.(gif|jpg|jpeg|bmp|png|tiff|tif|ico|wmf|js)$ {
root /data/nginx/static3;
index index.html;
}
}
[root@localhost conf.d]#nginx -s reload
[root@localhost data]#mkdir nginx/static{1..3} -p
[root@localhost data]#ls nginx
static1 static2 static3
[root@localhost data]#cd nginx/static1
[root@localhost static1]#rz -E
rz waiting to receive.
[root@localhost static1]#ls
1.jpg
[root@localhost static1]#cd ../static2
[root@localhost static2]#rz -E
rz waiting to receive.
[root@localhost static2]#ls
03.jpg
[root@localhost static2]#mv 03.jpg 1.jpg
[root@localhost static2]#ls
1.jpg
[root@localhost static2]#cd ../static3
[root@localhost static3]#rz -E
rz waiting to receive.
[root@localhost static3]#ls
04.jpg
[root@localhost static3]#mv 04.jpg 1.jpg
[root@localhost static3]#ls
1.jpg
[root@localhost nginx]#ls
static1 static2 static3
[root@localhost nginx]#tree
.
├── static1
│ └── 1.jpg
├── static2
│ └── 1.jpg
└── static3
└── 1.jpg
3 directories, 3 files
浏览器访问192.168.8.100/1.jpg
[root@localhost conf.d]#vim pc.conf
[root@localhost conf.d]#cat pc.conf
server {
listen 80;
server_name www.pc.com;
#location = /1.jpg {
#root /data/nginx/static1;
#index index.html;
#}
location /1.jpg {
root /data/nginx/static2;
index index.html;
}
location ~* \.(gif|jpg|jpeg|bmp|png|tiff|tif|ico|wmf|js)$ {
root /data/nginx/static3;
index index.html;
}
}
[root@localhost conf.d]#nginx -s reload
[root@localhost conf.d]#vim pc.conf
[root@localhost conf.d]#cat pc.conf
server {
listen 80;
server_name www.pc.com;
#location = /1.jpg {
#root /data/nginx/static1;
#index index.html;
#}
location /1.jpg {
root /data/nginx/static2;
index index.html;
}
#location ~* \.(gif|jpg|jpeg|bmp|png|tiff|tif|ico|wmf|js)$ {
#root /data/nginx/static3;
#index index.html;
#}
}
[root@localhost conf.d]#nginx -s reload
1.8 access模块 四层控制
[root@localhost conf.d]#vim pc.conf
[root@localhost conf.d]#cat pc.conf
server {
listen 80;
server_name www.pc.com;
root /apps/nginx/html;
location / {
deny 192.168.8.102;
}
}
[root@localhost conf.d]#nginx -s reload
[root@localhost ~]#curl 192.168.8.100/
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.18.0</center>
</body>
</html>
浏览器访问192.168.8.100
1.9 验证模块 需要输入用户名和密码
- htpasswd:此命令来自于 httpd-tools 包,如果没有安装 一下即可:yum install httpd-tools.x86_64 -y
使用方法:
第一次生成文件
htpasswd -c 文件路径 姓名 #交互式生成密码
htpasswd -bc 文件路径 姓名 密码 #直接将密码跟在后面
-c 代表新建用户名和密码对应的文件
-b 将密码跟在用户名后
非第一次
htpasswd 文件路径 姓名 #交互式生成密码
htpasswd -b 文件路径 姓名 密码 #直接将密码跟在后面
[root@localhost conf.d]#yum install httpd
httpd-devel.x86_64 httpd-manual.noarch httpd-tools.x86_64 httpd.x86_64
[root@localhost conf.d]#yum install httpd-tools.x86_64 -y
[root@localhost conf.d]#htpasswd -cb /data/.httpuser aav 123456
Adding password for user aav
[root@localhost conf.d]#cd /data
[root@localhost data]#ls
nginx
[root@localhost data]#ls -a
. .. .httpuser nginx
[root@localhost data]#cat .httpuser
aav:$apr1$iHbLjeNj$B5dp6pWGUKa1B2z8/pgRY0
[root@localhost data]#cd -
/apps/nginx/conf.d
[root@localhost conf.d]#htpasswd -b /data/.httpuser iiu 123456
Adding password for user iiu
[root@localhost conf.d]#cd -
/data
[root@localhost data]#cat .httpuser
aav:$apr1$iHbLjeNj$B5dp6pWGUKa1B2z8/pgRY0
iiu:$apr1$wOeEdpRd$Ys.mfYTZFIUwAtVxU6IyI/
[root@localhost data]#htpasswd /data/.httpuser mmm
New password:
Re-type new password:
Adding password for user mmm
[root@localhost data]#cat .httpuser
aav:$apr1$iHbLjeNj$B5dp6pWGUKa1B2z8/pgRY0
iiu:$apr1$wOeEdpRd$Ys.mfYTZFIUwAtVxU6IyI/
mmm:$apr1$orT9J9el$hkEJRpuYy338fBMEIpyxs1
[root@localhost conf.d]#vim pc.conf
[root@localhost conf.d]#cat pc.conf
server {
listen 80;
server_name www.pc.com;
root /apps/nginx/html;
location /admin {
root /mnt/html;
auth_basic "Welcome to nginx!";
auth_basic_user_file /data/.httpuser;
}
}
[root@localhost conf.d]#nginx -s reload
[root@localhost opt]#cd /mnt
[root@localhost mnt]#ls
html
[root@localhost mnt]#cd html/
[root@localhost html]#ls
index.html
[root@localhost html]#mkdir admin
[root@localhost html]#cp index.html admin/
[root@localhost html]#ls admin/
index.html
浏览器访问192.168.8.100/admin
在火狐浏览器访问192.168.8.100/admin
浙公网安备 33010602011771号