溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
博文結構
Nginx介紹
Nginx的核心特點
Nginx平滑升級
修改Nginx版本信息
Nginx虛擬主機配置
nginx配置文件location選項的作用
配置https訪問nginx
開啟Nginx訪問認證
Nginx是一款輕量級的網頁服務器、反向代理服務器以及電子郵件代理服務器。因它的穩定性、豐富的功能集、實例配置文件和低系統資源消耗而聞名。
Nginx已經在俄羅斯最大的門戶網站上運行,同時俄羅斯有超過20%的虛擬主機平臺采用Nginx作為反向代理服務器;在國內,Nginx已經運行在淘寶、新浪、網易等多家網站使用Nginx作為Web服務器或反向代理服務器。
(1)跨平臺:Nginx 可以在大多數 OS 編譯運行,而且也有 Windows 的版本
(2)配置異常簡單:非常容易上手
(3)非阻塞、高并發連接:官方測試能夠支撐 5 萬并發連接,在實際生產環境中跑到 2~3 萬并發連接數。(這得益于 Nginx 使用了最新的 epoll 模型)
(4)事件驅動:采用 epoll 模型,支持更大的并發連接
(5)Master/Worker 結構:一個 master 進程,生成一個或多個 worker 進程
(6)內存消耗小:處理大并發的請求內存消耗非常小。在 3 萬并發連接下,開啟的 10 個 Nginx 進程才消耗 150M 內存(15Mx10=150M)
(7)內置的健康檢查功能:如果 Nginx 代理的后端的某臺 Web 服務器宕機了,不會影響 前端訪問。
(8)節省帶寬:支持 GZIP 壓縮,可以添加瀏覽器本地緩存的 Header 頭。 (9)穩定性高:用于反向代理,宕機的概率微乎其微下載軟件包
[root@localhost ~]# yum -y install pcre-devel openssl-devel
[root@localhost ~]# tar zxf nginx-1.14.0.tar.gz
[root@localhost ~]# tar zxf nginx-1.2.4.tar.gz
[root@localhost nginx-1.14.0]# ./configure --prefix=/usr/local/nginx --with-http_ssl_module && make && make install
[root@localhost nginx-1.14.0]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
[root@localhost nginx-1.14.0]# nginx
[root@localhost nginx-1.14.0]# useradd nginx -s /sbin/nologin -M
[root@localhost nginx-1.2.4]# cd nginx-1.2.4/
[root@localhost nginx-1.2.4]# ./configure --prefix=/usr/local/nginx --with-http_ssl_module && make
[root@localhost nginx-1.2.4]# mv /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.old
[root@localhost nginx-1.2.4]# cp objs/nginx /usr/local/nginx/sbin/
[root@localhost nginx-1.2.4]# netstat -anpt | grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0: LISTEN 17739/nginx: master
[root@localhost nginx-1.2.4]# kill -USR2 17739
[root@localhost nginx-1.2.4]# nginx -s reload
[root@localhost ~]# kill -QUIT 17739
////平滑的關閉舊版的nginx進程
[root@localhost nginx-1.2.4]# nginx -V \\查看版本
nginx version: nginx/1.2.4
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-11) (GCC)
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --with-http_ssl_moduleQUIT 平滑關閉
HUP 平滑重啟,重新加載配置文件
USR1 重新打開日志文件
USR2 平滑升級可執行程序
WINCH 平滑關閉工作進程[root@localhost ~]# vim /usr/src/nginx-1.2.4/src/core//nginx.h
……………… //省略部分內容
#define nginx_version 1002004
#define NGINX_VERSION "8.8.8.8" //根據實際情況修改為自己想要的信息
#define NGINX_VER "xws/" NGINX_VERSION //同上,注意修改完的lzj
[root@localhost ~]# vim /usr/src/nginx-1.2.4/src/http/ngx_http_header_filter_module.c
……………… //省略部分內容
static char ngx_http_server_string[] = "Server: xws" CRLF; //與上一個文件中修改的名稱一樣(lzj)
static char ngx_http_server_full_string[] = "Server: " NGINX_VER CRLF;
[root@localhost ~]# vim /usr/src/nginx-1.2.4/src/http/ngx_http_special_response.c
……………… //省略部分內容
static u_char ngx_http_error_tail[] =
"<hr><center>xws</center>" CRLF //注意與上兩個文件中修改的lzj要一致
"</body>" CRLF
"</html>" CRLF
;
[root@localhost ~]# cd /usr/src/nginx-1.2.4/
[root@localhost nginx-1.2.4]# ./configure --prefix=/usr/local/nginx --with-http_ssl_module && make
[root@localhost ~]# mv /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.bak
[root@localhost ~]# cp /usr/src/nginx-1.2.4/objs/nginx /usr/local/nginx/sbin/
[root@localhost ~]# nginx -s stop //停止nginx服務
[root@localhost ~]# nginx //開啟nginx服務
[root@localhost ~]# curl -I 127.0.0.1
HTTP/1.1 200 OK
Server: xws/8.8.8.8 //查看版本信息
Date: Sat, 30 Nov 2019 15:06:32 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Sat, 30 Nov 2019 14:42:09 GMT
Connection: keep-alive
Accept-Ranges: bytes[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf \\在http中加入以下
http {
include mime.types;
default_type application/octet-stream;
server { \\從這里開始加
listen 80;
server_name www.accp.com;
location / {
root /accp;
index index.html index.htm;
}
}
server {
listen 80;
server_name www.bdqn.com;
location / {
root /bdqn;
index index.html index.htm;
}
}
[root@localhost ~]# mkdir /bdqn
[root@localhost ~]# mkdir /accp
[root@localhost ~]# vim /bdqn/index.html
www.bdqn.com
[root@localhost ~]# vim /accp/index.html
www.accp.com
[root@localhost ~]# nginx -s reload
[root@localhost ~]# vim /etc/hosts
192.168.148.130 www.bdqn.com
192.168.148.130 www.accp.com
[root@localhost ~]# curl www.bdqn.com
www.dbqn.com
[root@localhost ~]# curl www.accp.com
www.accp.comroot:實際訪問的文件會被拼接URL的路徑
alias:實際訪問的文件路徑不會拼接URL的路徑[root@localhost /]# vim /usr/local/nginx/conf/nginx.conf
location ^~ /www {
root /var/www/html;
//當訪問192.168.148.130/www/時,尋找/var/www/html下的www目錄下的文件
index index.html index.htm;
}
[root@localhost /]# mkdir -p /var/www/html/www/
[root@localhost /]# vim /var/www/html/www/index.html
www
[root@localhost /]# nginx -s reload訪問如下:
[root@localhost /]# vim /usr/local/nginx/conf/nginx.conf
location ^~ /test {
alias /var/www/html;
\\尋找/var/www/html下的網頁文件
index index.html index.htm;
}
[root@localhost /]# vim /var/www/html/index.html
test
[root@localhost /]# nginx -s reload訪問如下:
[root@localhost /]# vim /usr/local/nginx/conf/nginx.conf
location ~* \.(gif|jpg|jpeg|png|css|js|ico)$ {
root /webroot/res/;
\\當訪問以上內容結尾的頁面就會去找//webroot/res路徑下的文件
index index.html index.htm;
}
[root@localhost /]# mkdir /webroot/res -p
[root@localhost /]# mv u=3485698722\,1702346544\&fm\=26\&gp\=0.jpg /webroot/res/a.png
[root@localhost /]# ls /webroot/res
a.png
[root@localhost /]# nginx -s reload
[root@localhost /]# vim /usr/local/nginx/conf/nginx.conf
location ~* .(gif|jpg|jpeg|png|css|js|ico)$ {
\\這個加入上面的命令上面,要不容易報錯
rewrite .(gif|jpg) /error.png;
}
[root@localhost /]# mv xxx.jfif /usr/local/nginx/html/error.png
[root@localhost /]# ls /usr/local/nginx/html/
[root@localhost /]# nginx -s reload
開啟nginx的https功能,需要編譯是添加選項- -with-http_ ssl module
[root@localhost ca]# mkdir /usr/local/nginx/ca
[root@localhost ca]# cd /usr/local/nginx/ca/
[root@localhost ca]# openssl genrsa -out ca.key 4096
\\一下內容隨便填
Generating RSA private key, 4096 bit long modulus
......................................++
.......................++
e is 65537 (0x10001)
[root@localhost ca]# openssl req -new -x509 -days 7304 -key ca.key -out ca.crt
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:aa
State or Province Name (full name) []:cc
Locality Name (eg, city) [Default City]:vv
Organization Name (eg, company) [Default Company Ltd]:as
Organizational Unit Name (eg, section) []:df
Common Name (eg, your name or your server's hostname) []:ff
Email Address []:asd
[root@localhost ca]# ls
ca.crt ca.key
[root@localhost ca]# nginx -s stop
[root@localhost ca]# nginx
[root@localhost ca]# vim /usr/local/nginx/conf/nginx.conf
server { \\原來的server中添加如下:
listen 443 ssl;
server_name localhost;
ssl_certificate /usr/local/nginx/ca/ca.crt; \\證書存放的路徑
ssl_certificate_key /usr/local/nginx/ca/ca.key; \\密鑰存放路徑
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
access_log /usr/local/nginx/logs/https-access.log;
nginx使用http2版本,需要nginx版本在1. 10以上,安裝時需要添加編譯選項--with-http v2 module
http2.0版本只能在https上使用,修改上- -步配置文件listen 443 ssl http2;
[root@localhost nginx-1.14.0]# cd nginx-1.14.0/
[root@localhost nginx-1.14.0]# ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_v2_module
[root@localhost nginx-1.14.0]# make
//開啟nginx認證頁面 需要使用htpasswd命令生成用戶信息
[root@localhost /]# yum -y install httpd-tools
[root@localhost ~]# htpasswd -c /usr/local/nginx/.passwd xws
New password:
Re-type new password:
Adding password for user xws
//用戶認證信息存放路徑是/usr/local/nginx/.passwd
//若要向.passwd中添加第二個用戶,需要省略“-c”選項,否則會覆蓋之前的所有用戶。
[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf
............... //省略部分內容
location / {
root html;
index index.html index.htm;
auth_basic "請輸入登錄賬號"; //添加提示語句
auth_basic_user_file /usr/local/nginx/.passwd; //認證信息存放路徑
}免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
