nginx基础模块
nginx基础模块
目录索引
应用场景:
yum源私有仓库
根据之前做的小游戏界面测试
`1.编写Nginx配置文件
[root@web01 /etc/nginx/conf.d]# cat game.conf
server {
listen 80;
server_name game.oldboy.com;
location / {
root /etc/nginx/conf.d;
index index.html;
}
}
`2.根据配置文件上传代码
[root@web01 /etc/nginx/conf.d]# rz html5.zip #拖进来这个文件
[root@web01 /etc/nginx/conf.d]# unzip html5.zip
`3.重载nginx服务
[root@web01 code]# systemctl restart nginx #立即重启
[root@web01 code]# systemctl reload nginx #平滑重启
`4.配置域名解析
Windows: C:\Windows\System32\drivers\etc #进这个配置文件
10.0.0.7 game.oldboy.com #加上这句话
Mac sudo vim /etc/hosts
10.0.0.7 game.oldboy.com
能正常打开网页
基于这个网页修改配置文件
`改配置文件
[root@web01 /etc/nginx/conf.d]# cat game.conf
server {
listen 80;
server_name game.oldboy.com;
location / {
root /etc/nginx/conf.d;
index index.html;
autoindex on; # 给这个命令
}
}
重新登陆网页 还是有游戏界面
`移走文件
[root@web01 /etc/nginx/conf.d]# ls
bbs.oldmeng.conf game index.html www.oldmeng.conf
blog.oldmeng.conf game.conf __MACOSX
ceshi html5.zip readme.txt
default.conf img status.conf
[root@web01 /etc/nginx/conf.d]# mv index.html /tmp/
`再次刷新 就变成目录树结构了
把tmp下的文件移动回去就好了
如果想永远树状目录 直接注释
[root@web01 /etc/nginx/conf.d]# cat game.conf
server {
listen 80;
server_name game.oldboy.com;
location / {
root /etc/nginx/conf.d;
#index index.html; 注释掉
autoindex on;
}
}
伪造一个阿里云镜像网站
[root@web01 /etc/nginx/conf.d]# cp game.conf autoindex.conf
[root@web01 /etc/nginx/conf.d]# cat autoindex.conf
server {
listen 80;
server_name module.oldboy.com;
location / {
root /module;
autoindex on;
}
}
[root@web01 /etc/nginx/conf.d]# mkdir /module/{centos,redhat}{5..7}/ -p
[root@web01 /etc/nginx/conf.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@web01 /etc/nginx/conf.d]# systemctl restart nginx
hosts解析
10.0.0.7 module.oldboy.com
登录module.oldboy.com
出现树状目录
复制阿里云镜像网站
[root@web01 ~]# cat 1
#!/bin/bash
../
atomic/
centosplus/
cloud/
configmanagement/
cr/
dotnet/
extras/
fasttrack/
isos/
nfv/
opstools/
os/
paas/
rt/
sclo/
storage/
updates/
virt/
[root@web01 ~]# cat 1 |sed -r 's#(.*)#mkdir /module/centos7/\1 -p #g'|bash
解决乱码
`1.字符集
[root@web01 /etc/nginx/conf.d]# cat autoindex.conf
server {
listen 80;
server_name module.oldboy.com;
charset utf-8,gbk; #这个命令加上 针对这一个网页
location / {
root /module;
autoindex on;
}
}
[root@web01 /etc/nginx/conf.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@web01 /etc/nginx/conf.d]# systemctl restart nginx
`2.大小
[root@web01 /etc/nginx/conf.d]# cat autoindex.conf
server {
listen 80;
server_name module.oldboy.com;
charset utf-8,gbk;
location / {
root /module;
autoindex on;
autoindex_exact_size off; #加上这个命令
}
}
[root@web01 /etc/nginx/conf.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@web01 /etc/nginx/conf.d]# systemctl restart nginx
`3.时间
[root@web01 /etc/nginx/conf.d]# cat autoindex.conf
server {
listen 80;
server_name module.oldboy.com;
charset utf-8,gbk;
location / {
root /module;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on; #加上这个命令
}
}
[root@web01 /etc/nginx/conf.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@web01 /etc/nginx/conf.d]# systemctl restart nginx
`整体配置
[root@web01 /etc/nginx/conf.d]# cat autoindex.conf
server {
listen 80;
server_name module.oldboy.com;
charset utf-8,gbk;
location / {
root /etc/nginx/conf.d;
index index.html;
}
location /download {
root /module;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
}
}
[root@web01 /etc/nginx/conf.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@web01 /etc/nginx/conf.d]# systemctl restart nginx
'访问网站时会出现404报错
'因为你访问的是根下面的download 要么就在module下创建一个download目录,把所有东西塞进去,要么把root改掉
[root@web01 /etc/nginx/conf.d]# cat autoindex.conf
server {
listen 80;
server_name module.oldboy.com;
charset utf-8,gbk;
location / {
root /etc/nginx/conf.d;
index index.html;
}
location /download {
alias /module; #把root改成alias
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
}
}
[root@web01 /etc/nginx/conf.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@web01 /etc/nginx/conf.d]# systemctl restart nginx
'访问module.oldboy.com 跳转游戏界面
'访问module.oldboy.com/download 跳转树状目录界面
nginx状态监控
[root@web01 /etc/nginx/conf.d]# cat autoindex.conf
server {
listen 80;
server_name module.oldboy.com;
charset utf-8,gbk;
location / {
root /etc/nginx/conf.d;
index index.html;
}
location /download {
alias /module;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
}
location /nginx_status {
stub_status;
}
}
[root@web01 /etc/nginx/conf.d]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@web01 /etc/nginx/conf.d]# systemctl restart nginx
`访问网站就可以 module.oldboy.com/nginx_status
`nginx状态页面
Active connections: 2
server accepts handled requests
3 3 33
Reading: 0 Writing: 1 Waiting: 1
Active connections # 当前活动客户端连接数,包括Waiting等待连接数。
accepts # 已接受总的TCP连接数。
handled # 已处理总的TCP连接数。
requests # 客户端总的http请求数。
Reading # 当前nginx读取请求头的连接数。
Writing # 当前nginx将响应写回客户端的连接数。
Waiting # 当前等待请求的空闲客户端连接数。
# 注意, 一次TCP的连接,可以发起多次http的请求, 如下参数可配置进行验证
keepalive_timeout 0; # 类似于关闭长连接
keepalive_timeout 65; # 65s没有活动则断开连接
nginx访问控制
基于ip地址做限制
[root@web01 /etc/nginx/conf.d]# cat autoindex.conf
server {
listen 80;
server_name module.oldboy.com;
charset utf-8,gbk;
location / {
root /etc/nginx/conf.d;
index index.html;
auth_basic "Auth access Blog Input your Passwd!";
auth_basic_user_file auth_conf;
}
location /download {
alias /module;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
auth_basic "Auth access Blog Input your Passwd!";
auth_basic_user_file auth_conf;
}
location /nginx_status {
stub_status;
deny 10.0.0.1/32; #就加上这个模块
allow all; #就加上这个模块
}
}
2.参数配置
#拒绝10网段,允许其他网段
deny 10.0.0.0/24 ;
allow all;
#拒绝10.0.0.1访问,允许其他访问
deny 10.0.0.1 ;
allow all;
#只允许172网段访问
allow 172.16.1.0/24;
deny all;
#只允许172.16.1.7可以访问
allow 172.16.1.7;
deny all;
基于用户密码做限制
[root@web01 ~]# yum install httpd-tools -y
[root@web01 ~]# htpasswd -b -c /etc/nginx/auth_conf oldboy(用户名) 123(密码)
[root@web01 /etc/nginx/conf.d]# cat autoindex.conf
server {
listen 80;
server_name module.oldboy.com;
charset utf-8,gbk;
location / {
root /etc/nginx/conf.d;
index index.html;
auth_basic "Auth access Blog Input your Passwd!";
auth_basic_user_file auth_conf;
第一句的意思是提示
第二句的意思是密码文件
#加上这两句
}
location /download {
alias /module;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
auth_basic "Auth access Blog Input your Passwd!";
auth_basic_user_file auth_conf;
第一句的意思是提示
第二句的意思是密码文件
#加上这两句
}
#location /nginx_status {
#stub_status;
#}
}
基于连接数做限制
[root@web01 /etc/nginx/conf.d]# cat bbs.oldmeng.conf
limit_req_zone $binary_remote_addr zone=req_zone:10m rate=1r/s; #加上这句话
server {
listen 80;
server_name bbs.oldmeng.com;
access_log /var/log/nginx/bbs.log main;
limit_req zone=req_zone burst=5 nodelay; #加上
limit_req_status 412;出现412界面 #加上
location / {
root /usr/share/nginx/html/bbs;
index index.html index.htm;
}
location /tatus {
stub_status on;
}
}
记得hosts解析
压测
[root@web01 /etc/nginx/conf.d]# ab -n 50 -c 20 http://bbs.oldmeng.com/index.html
基于优先级限制
1.Location语法示例
location [=|^~|~|~*|!~|!~*|/] /uri/ { ...
}
匹配符 匹配规则 优先级
= 精确匹配 1
^~ 以某个字符串开头 2
~ 区分大小写的正则匹配 3
~* 不区分大小写的正则匹配 4
!~ 区分大小写不匹配的正则 5
!~* 不区分大小写不匹配的正则 6
/ 通用匹配,任何请求都会匹配到 7