Example of configuring server proxy Tengine in nginx

Tengine is an open-source software built on nginx. It adds a lot of feature, and you can use custom memory management. Whether it is a front-end proxy or a front-end cache, the effect is very cute.
Nginx and tengine are slightly different. Please refer to the official Wiki and Tengine.

# Select user nobody as needed; # It is recommended to set the number of CPU cores of the machine worker_processes 1; # The number of opened worker_rlimit_nofile51200 previously set when configuring the machine; # Record error logs error_log logs/error. log; # pid logs/nginx. pid ;## set the maximum number of connections and use epoll to improve efficiency events {worker_connections 1024; useepoll;} http {include mime. types; default_type application/octet-stream; # configure the log access_log logs/access. log; # limit_req_zone $ binary_remote_addr zone = one: 10 mrate = 1r/s; limit_req_log_level error; # support sendfile on; ## use sendfile tcp_nopush on; # Disable basic information server_info off; # set keepalive_timeout 50 based on your website; # enable gzip. It doesn't matter if IE6 is not considered here, disable GZIP gzip on; gzip_proxied any; gzip_clear_etag on according to UA; gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/javascript; # loading site configuration include vhosts /*;}

Like apache, it simply blocks some access and adds and modifies it based on your own situation.

# Robots.txt does not record location =/robots.txt {access_log off; log_not_found off;} # favicon. ico does not record location =/favicon. ico {access_log off; log_not_found off;} # hide files without recording and prohibit access to location ~ /\. {Access_log off; log_not_found off; deny all ;}# nonexistent backup files are not recorded and access to location ~ is prohibited ~ * "Bbs \. zip" {access_log off; log_not_found off; deny all;} location ~ * "Wwwroot \. zip" {access_log off; log_not_found off; deny all;} location ~ *". *\. Asp $ |. *\. aspx $ |. *\. jsp $ |. *\. mdb |. *\. log "{access_log off; log_not_found off; deny all;} location ~ * "Ckeditor/" target = "_ blank"> fckeditor | ckfinder | ~ Root "{access_log off; log_not_found off; deny all ;}#~ The end file is not recorded and access to location is prohibited ~~ $ {Access_log off; log_not_found off; deny all ;}# set the cache of common files to 30 days location ~. * \. (Gif | jpg | jpeg | png | bmp | swf | js | css) $ {expires30d ;### some settings for blocking injection ## location ~ * "Union. * select. * \ (| union. * all. * select. * | concat. * \ ("{deny all ;}### some settings to prevent regular exploitation ## location ~ * "Proc/self/environ" {deny all ;}### some settings for blocking spam comments ## if ($ http_user_agent ~ "\ B (ultram | unicauca | valium | viagra | vicodin | xanax | exceptions | erections | hoodia | huronriveracres | impotence | levitra | libido | ambien | blue \ spill | cialis | cocaine ejaculation | erectile | lipitor | phentermin | pro [sz] ac | sandyauer | tramadol | troyhamby) \ B ") {return404 ;### block UA settings ## set $ block_user_agents0; # deny access without UA if ($ http_user_agent ~ "^ $") {Set $ block_user_agents1;} # reject wget and curlif ($ http_user_agent ~ "Wget | wget | curl | libwww-perl | httplib | WordPress | PycURL | POE: Component: Client | InetURL | Microsoft URL Control") {set $ block_user_agents1 ;} if ($ http_user_agent ~ "WebCopier | Offline Explorer | Sphider | mail") {set $ block_user_agents1;} if ($ http_user_agent ~ "Opera/9 \. 0 \ (Windows NT5 \. 1; U; en \) | Opera/6 \. 01 \ (Windows ME; U \) \ [en \] ") {set $ block_user_agents1;} if ($ http_user_agent ~ "Mozilla/3 \. 0") {set $ block_user_agents1;} if ($ http_user_agent ~ "DotBot | YandexBot | Superfeedr") {set $ block_user_agents1;} if ($ block_user_agents = 1) {return404 ;}

Processing of access by default IP address
 

### Default IP address # server {listen 80 default; server_name _; location/{# if (your condition) {return200 ;} # prohibit direct access to the IP address return444 ;}}

Simple configuration of access rules, used with fast-cgi programs such as hhvm, and omitted directory inversion.
Here, there is a difference between apache and nginx in details. apache rewrite-L is forced redirection. If nginx is to implement implicit 301, the proxy mode must be used.

# Soulteary.com www.111cn. netserver {listen80; server_name soulteary.com www.111cn.net; # if data separation is performed, remove it. # Client_max_body_size 10 m; access_log/yourpath/javaserror_log/yourpath/export server_name_in_redirect off; include nginx-security.conf; root/yourpath/export index. php index.html index.htm; location ~ /\. (Gif | jpg | png | css | js | ico | swf | svg) $ {expires max;} location/{try_files $ uri // index. php? Q = $ uri & $ args;} location ~ \. (Hh | php) $ {login on; fastcgi_pass 127.0.0.1: 9000; fastcgi_index index. php; fastcgi_param SCRIPT_FILENAME $ document_root $ fastcgi_script_name; include fastcgi_params ;}}

Set nginx as the node frontend forwarding.
Of course, if your node runs directly at the frontend, modify it as appropriate. You can directly retrieve the remoteAddress for the IP address and do not trust the forwarding.

Upstreamghost_soulteary_upstream {server127.0.0.1: 2378; keepalive64;} server {listen80; server_name www. soulteary. im soulteary. im; if_modified_since before; server_name_in_redirect off; include nginx-node-security.conf; location/{bytes; percent; proxy_pass http: // percent; proxy_ignore_headersX-Accel-Expires Expires Cache-Control; proxy_ignore_headers Set-Cookie; proxy_hide_header Set-Cookie; proxy_hide_headerX-powered-by; proxy_set_headerX-Real-IP $ remote_addr; proxy_set_headerX-Forwarded-For $ proxy_add_x_forwarded_for; proxy_set_header Host $ http_host; expires10m ;}}

If you only need a simple static site, you can use the following configuration:

# Www.111cn. netserver {listen80; server_name www.111cn.net; access_log/yourpath/assumerror_log/yourpath/commandid off; include nginx-security.conf; valid_referers none blocked server_names * inclusoulteary.com; if ($ response) {rewrite ^/"http://www.baidu.com/s? Wd = mom said don't leeching "last; return404;} root/yourpath/www.111cn.net/public; index index.html ;}

Next, write the settings for network/redis/hhvm/ghost.