1替换模块

server{
sub_filter nginx 'ale';
sub_filter_once on;
location /{
root /usr/share/nginx/html;
index index.html index.htm
}
}

2.文件读取模块

sendfile     on|off
tcp_nopush     on|off #当包累计到一定大小后再发送
tcp_nodelay   on|off #当开启ack数据包立即发送除去

3.文件压缩

http{
ngx_http_gzip_module 模块名
gzip on;
gzip_http_version 1.1;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php
image/jpeg image/gif image/png;
gzip static on;
}

4.页面缓存

vim /etc/nginx/nginx.conf
location /{
    root /usr/share/nginx/html;
    index index.html index.htm;
    expires 24h;
}

5.防盗链

location ~*\.(gif|jpg|png|bmp)${
    root /a.com;
    index index.html index.htm;
    valid_referers none blocked *.a.com server_names ~tianyun ~\.google\. ~.baidu\.;
  if($invalid_referers){
   return
403;
  #rewrite.*http//a.com/403.jpg;
}

6.访问限制

ngx_http_limit_req_module
ngx_http_limit_conn_module #通过IP地址 限制链接tcp
http{
limit_req_zone $binary_remote_addr zone=req_zone:10m rate=1r/s;
限制请求 二进制地址,限制策略的名称,占用10m空间,允许每秒1次请求
limit_conn_zone $binary_remote_addr zone=conn_zone:10m;
server{
location/{
limit_req zone=req_zone;
limit_conn conn_zone 1;
引用 限制策略的名称
} } }

7.ip访问控制

ngx_http_access_module
Syntax:allow address |CICD|unix|all;
Context:http,server,location,limit_except
deny all

8.用户访问控制

基于用户(username&password)
module:ngx_http_auth_basic_module
方法一:
Syntax: auth_basic string|off
context:http,server,location,limit_except
方法二:
Syntax: auth_basic_user_file file;
Context: http,server,location,limit_except
创建密码文件
htpasswd -cm /etc/nginx/conf.d/passwd user10 会话密码
htpasswd -m /etc/nginx/conf.d/passwd user10
配置:server{
  auth_basic"nginx access test";
  auth_basic_user_file /etc/nginx/conf.d/passwd

 

9.随机主页模块

server{
  root /app;
  randow_index on; 
}

 

10.HTTP协议解析

11.测试工具

yum install -y httpd-tools
ab -n 100 -c 10 http://服务器IP地址/