Use of common nginx modules

Install nginx in Linux source code

First install the development tools: "development tools", "server platform development", and "additional development"

1. Yum -- disablerepo = -- enablerepo = c6-media install PCRE-devel OpenSSL-devel-y

2. groupadd-r nginx

3. useradd-r-g nginx create account and group

4. libevent-2.0.16-stable.tar.gz-C/usr/local/src/tar-zxvf/

5. nginx-1.6.0.tar.gz-C/usr/local/src/tar-zxvf/

6. CD/usr/local/src

7. CD libevent-2.0.16-stable/

8 ../configure -- prefix =/usr/local/libevent

9. Make & make install

10. Vim/etc/lD. So. conf. d/libevent. conf indicates the path of the library file.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3F/wKioL1ROPhORGSf_AABTDOX93_E085.jpg "Title =" 1.png" alt = "wkiol1rophorgsf_aabtdox93_e085.jpg"/>

11. ldconfig refresh

12. ldconfig-PV | grep libevent

13. CD/usr/local/src/nginx-1.6.0/

14. Compile (install required modules)

. /Configure -- conf-Path =/etc/nginx. conf -- error-log-Path =/var/log/nginx/error. log -- http-log-Path =/var/log/nginx/access. log -- PID-Path =/var/run/nginx. PID -- lock-Path =/var/lock/nginx. lock -- user = nginx -- group = nginx -- with-http_ssl_module -- with-http_flv_module -- with-http_stub_status_module -- with-http_gzip_static_module -- http-client-body-temp-Path =/var/tmp/nginx/client/-- http- proxy-temp-Path =/var/tmp/nginx/Proxy/-- http-FastCGI-temp-Path =/var/tmp/nginx/fcgi/-- With-PCRE

-- Add-module =/usr/local/src/healthcheck_nginx_upstreams-master

15. Make & make install

16. mkdir-PV/var/tmp/nginx/client/

17. Write the path in VIM/etc/profile.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3E/wKiom1ROPdDx38fmAADbbjdffL0559.jpg "Title =" 2.png" alt = "wkiom1ropddx38fmaadbbjdffl0559.jpg"/>

18. Service iptables stop

19. setenforce 0

20. pkill-9 nginx

21. netstat-tupln | grep 80

22. nginx

23. Vim/etc/init. d/nginxd write a STARTUP script

 

Open a browser to access the Web page. The following default web page appears.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3F/wKioL1ROPjbAWzyEAAHmUc4hFeA992.jpg "Title =" 3.png" alt = "wkiol1ropjbawzyeaahmuc4hfea992.jpg"/>

Access Module: Source Control

1. Vim/etc/nginx. conf add content to the Sever site

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3E/wKiom1ROPfWhgamNAABYax7I8qM100.jpg "Title =" 4.png" alt = "wkiom1ropfwhgamnaabyax7i8qm100.jpg"/>

Service nginx restart

Allow access from 192.168.88.10 to prevent access from other IP addresses in the CIDR block.

Open a PC and set the address to 192.168.88.10 for access.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/4D/3F/wKioL1ROPmyjC0_SAAHBXPIWrm8276.jpg "Title =" 5.png" alt = "wkiol1ropmyjc0_saahbxpiwrm8276.jpg"/>

Modify the address to another address in the 192.168.88.0 CIDR Block for access.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3F/wKioL1ROPofxW_kyAADKnj5ZVCk660.jpg "Title =" 6.png" alt = "wkiol1ropofxw_kyaadknj5zvck660.jpg"/>

Implemented source control!

Auth module: Authentication

Because httpd-tools has the htpasswd tool, install httpd-tools first.

1. Vim/etc/nginx. conf add content to the Sever site

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3E/wKiom1ROPmuQHAuyAADUWuDd6sM088.jpg "Title =" 7.png" alt = "wkiom1ropmuqhauyaaduwudd6sm088.jpg"/>

2. Create an account in htpasswd-C/etc/nginx/. htpasswd zhangsan and enter the password.

3. Restart service nginxd restart

Open a browser to test

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3F/wKioL1ROPtjRz8r0AAH7Rh5MYjs668.jpg "Title =" 8.png" alt = "wkiol1roptjrz8r0aah7rh5myjs668.jpg"/>

 

Authentication is implemented!

SSL module: secure encryption

1. CD/etc/pki/tls/

2. Vim OpenSSL. COF

Change files and issue certificates to other organizations

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/4D/3F/wKioL1ROPvKiowlTAAENxYuPFgI396.jpg "Title =" 9.png" alt = "wkiol1ropvkiowltaaenxyupfgi396.jpg"/>

Change Default Value

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/4D/3F/wKioL1ROPwXTHT7NAAEvgXDZNiM195.jpg "Title =" 10.png" alt = "wkiol1ropwxtht7naaevgxdznim195.jpg"/>

3. Echo "01"> serial number of the serial record

4. OpenSSL genrsa 1024> ../CA/private/cakey. pem generate a private key

5. CD/etc/pki/CA/

6. chmod 600 private/cakey. pem Change permissions

7. CD/etc/nginx/certs/

8. OpenSSL ca-In nginx. req-out nginx. Cert generates certificates for itself

9. mkdir/etc/nginx/certs create directory to store certificates

10. CD/etc/nginx/certs/

11. OpenSSL genrsa 1024> nginx. Key generates the Private Key

12. chmod 600 nginx. Key

13. OpenSSL req-New-key nginx. Key-out nginx. req

14. OpenSSL ca-In nginx. req-out nginx. Cert

15. Vim/etc/nginx. conf open port 443 and encrypt access

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3F/wKioL1ROP0LgslrKAAFUfaQC-5g484.jpg "Title =" 11.png" alt = "wKioL1ROP0LgslrKAAFUfaQC-5g484.jpg"/>

Open a browser to access https: // 192.168.88.100

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3E/wKiom1ROPwGA3iR7AAF6F7qOtE4996.jpg "Title =" 12.png" alt = "wkiom1ropwga3ir7aaf6f7qote4996.jpg"/>

Show certificate chain

16. CD/etc/nginx/certs

17. CP/etc/pki/CA/cacert. pem ./

18. CP nginx. cert./nginx. cert. Bak

19. Cat nginx. cert. Bak cacert. pem> nginx. Cert

View the following files

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3F/wKioL1ROP26SIMfBAAEfuJErLTc355.jpg "Title =" 13.png" alt = "wkiol1rop26simfbaaefujerltc355.jpg"/>

Open the browser to access https: // 192.168.88.100, and then click View Certificate

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3E/wKiom1ROP1OgNzLLAAEmdwU9kb0463.jpg "style =" float: none; "Title =" 14.png" alt = "wkiom1rop1ognzllaaemdwu9kb0463.jpg"/>

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/4D/3F/wKioL1ROP6jjm30yAACnLnKT2WE448.jpg "style =" float: none; "Title =" 15.png" alt = "wkiol1rop6jjm30yaacnlt2we448.jpg"/>

Certificate path to view the certificate chain

Rewrite module: Redirection

1. Vim/etc/nginx. conf add content to the Sever site

All redirected to http://www.sina.com.cn when accessing the main site

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/4D/3E/wKiom1ROP3Dj6iZiAAB4OWTlmzI679.jpg "Title =" 16.png" alt = "wkiom1rop3dj6iziaab4owtlmzi679.jpg"/>

Open a browser to access http: // 192.168.88.100/automatically jump to Sina

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3F/wKioL1ROP9LDMp5eAAHxcwWKP8E997.jpg "Title =" 17.png" alt = "wkiol1rop9ldmp5eaahxcwwkp8e997.jpg"/>

Redirection completed

Proxy module: reverse proxy

Open a server with the address 192.168.88.10 and access it. The content is as follows:

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3E/wKiom1ROP56zLYhPAAFQopcF2Jg666.jpg "Title =" 18.png" alt = "wkiom1rop56zlyhpaafqopcf2jg666.jpg"/>

In addition, open the nginx server at 192.168.88.100:

1. Vim/etc/nginx. conf add content to the Sever site

When you access the main site, reverse proxy to 192.168.88.10 server.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3F/wKioL1ROQAiAkKWKAAC6I9ffv8M975.jpg "Title =" 19.png" alt = "wkiol1roqaiakkwkaac6i9ffv8m975.jpg"/>

Service nginxd restart

Open the browser to access http: // 192.168.88.100/PIC, proxy to 192.168.88.10

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3E/wKiom1ROP8ygDpwEAAEFVavDQp8420.jpg "Title =" Maid alt = "wkiom1rop8ygdpweaaefvavdqp8420.jpg"/>

Add cache for reverse proxy

1. Edit Vim/etc/nginx. conf as follows:

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/4D/3E/wKiom1ROP-DzuOC9AAJf8Mo75Lc662.jpg "Title =" 21.png" alt = "wKiom1ROP-DzuOC9AAJf8Mo75Lc662.jpg"/>

Restart nginxd and the cache directory does not contain any files.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3F/wKioL1ROQEmA2DVoAADGty_VVII483.jpg "Title =" 22.png" alt = "wkiol1roqema2dvoaadgty_vvii483.jpg"/>

Open a browser to access http: // 192.168.88.100/PIC

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3E/wKiom1ROQAyjGYjoAAEGqSRQ_c8964.jpg "Title =" 23.png" alt = "wkiom1roqayjgyjoaaegqsrq_c8964.jpg"/>

View the cache directory to generate the cache.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3E/wKiom1ROQGCyQDVJAAESq7n6V4E600.jpg "Title =" 24.png" alt = "wkiom1roqgcyqdvjaaesq7n6v4e600.jpg"/>

This article is from the "Wang chaofeng 51cto blog" blog, please be sure to keep this source http://wangcf1009.blog.51cto.com/8589325/1568757

Use of common nginx modules