005.nginx configuration file

1. Replace the Nginx master configuration file

With the previous configuration, the LNMP environment has been built, and now we replace the Nginx configuration file:

[Email protected] ~]# cd/usr/local/nginx/conf/
[Email protected] conf]# > nginx.conf
[Email protected] conf]# vim nginx.conf

Post-write nginx.conf:

#define the user and user group that Nginx runs, must have this user in the system, can be Nologinuser nobody nobody;#start the process, usually set to equal to the number of CPUs (set to "Auto" will try to automatically detect it)Worker_processes 2;#Global error log [Debug | info | notice | warn |error | crit]error_log/usr/local/nginx/logs/Nginx_error.log Crit;#process PID Filepid/usr/local/nginx/logs/Nginx.pid;#the maximum number of file descriptors opened by an nginx process, the theoretical value should be the maximum number of open files (System value ulimit-n) and the number of nginx processes, but the Nginx allocation request is not uniform, so the recommendation is consistent with the value of ulimit-n. Worker_rlimit_nofile 1024;###Maximum number of operating modes and connectionsevents{#Epoll is a way of multiplexing Io (I/O multiplexing), but only for linux2.6 above the kernel, can greatly improve the performance of Nginx (if running on FreeBSD, using Kqueue model)Use epoll; #Maximum number of concurrent links for a single background worker processes process (maximum connections = number of connections * processes)Worker_connections 1024; }###set up an HTTP server to provide load balancing support with its reverse proxy functionhttp{#set MIME type, type defined by Mime.type fileinclude mime.types; #Default File TypeDefault_type application/octet-stream; #default Encoding    #CharSet Utf-8;    #hash table size of server nameServer_names_hash_bucket_size 3526; Server_names_hash_max_size4096; #Log_format used to set the log formatLog_format huh '$remote _addr $http _x_forwarded_for[$time _local] ""$host "$request _uri" $status"'"$http _referer" "$http _user_agent"'; #the sendfile directive specifies whether Nginx calls the Sendfile function (zero copy mode) to output the file, for normal applications,    #Must be set to on , if used for downloading applications such as disk IO heavy load applications, can be configured to off, to balance disk and network I/O processing speed, reduce the system uptime.sendfile on; #Prevent network congestionTcp_nopush on; #Connection time-out (in seconds)Keepalive_timeout 30; #Request Header time-outclient_header_timeout 3m; #time-out of the request bodyclient_body_timeout 3m; #The response time-out for the client, which is not used for the entire forwarder, but between two client read operations. If, during this time, the client does not read any data, Nginx closes the connection. send_timeout 3m; Connection_pool_size256; #upload file size limitClient_header_buffer_size 1k; #set the request cacheLarge_client_header_buffers 84k;    Request_pool_size 4k; Output_buffers432k; Postpone_output1460;    Client_max_body_size 10m;    Client_body_buffer_size 256k; #directive specifies the temporary file path to which the connection request entity attempts to writeclient_body_temp_path/usr/local/nginx/client_body_temp; Proxy_temp_path/usr/local/nginx/proxy_temp; Fastcgi_temp_path/usr/local/nginx/fastcgi_temp;    Fastcgi_intercept_errors on;        Tcp_nodelay on; #turn on gzip compressiongzip on; #Minimum compressed file sizeGzip_min_length 1k; #Compression BuffersGzip_buffers 48k; #compression LevelGzip_comp_level 5; #compressed version (default 1.1, front End If squid2.5 please use 1.0)Gzip_http_version 1.1; #compression type, the default already contains text/html, so the following will not have to write, write up will not have a problem, but there will be a warn. Gzip_types text/plain application/x-javascript text/css text/htm application/XML; #contains other configuration files, such as custom virtual hostsInclude vhosts/*. conf;}

2. Add Nginx Virtual Host configuration file

We create the Vhosts folder:

[Email protected] conf]# mkdir vhosts

[Email protected] conf]# CD vhosts

Write to the default virtual host configuration file :

[Email protected] vhosts]# vim default.conf

Write content:

 #   default virtual host configuration file   #   same listening 80 ports  Listen default  ;  #   definition use localhost to access   server_name localhost;      #    #   The root directory that the domain name can access, (we can add access to the directory, Make it inaccessible to everyone!    )  root/tmp/1233;  #   Disable all IP access! (That is, no one can access the default virtual host profile to access this site)   Deny all;}  

3. Write to the virtual host configuration file test.conf:

[Email protected] vhosts]# vim test.conf

Write content:

#Virtual Host configuration fileserver{#Listening PortListen 80; #define access using www.xxx.comserver_name www.test.com www.aaa.com www.bbb.com; #set the Access log for this virtual host (huh is the log format, defined in the Nginx master configuration file)access_log/tmp/Access.log huh; #IP access control, prohibit certain IP access to websites    #deny 10.0.0.83;       if($http _user_agent~ ' curl|baidu|111111') {                 return403; }    #nginx Domain Jump, (permanent represents permanent redirect, return HTTP status 301)    if($host!=' www.test.com ') {Rewrite ^/(. *) $ http://www.test.com/ $permanent;    } index index.html index.htm index.php; #the root directory that the domain name can accessroot/data/www; #Add a user authentication module to the specified directoryLocation ~. *admin\.php$ {        #The IP allowed to access the directoryAllow 10.0.0.83; allow127.0.0.1; #prohibit other IP access to this directorydeny all; #Certification TipsAuth_basic"huh ' s auth"; #"Save user's password files" required for authenticationauth_basic_user_file/usr/local/nginx/conf/. htpasswd; #The following sections are required to parse PHP        #include the Fastcgi_params configuration file ininclude Fastcgi_params; #Fastcgi_pass Set the way to connect PHP, (the PHP process uses the way to listen, here also set the way to connect,)Fastcgi_pass unix:/tmp/Www.sock; #Fastcgi_pass 127.0.0.1:9000;Fastcgi_index index.php; #The path to the script file request, where $fastcgi_script_name is the name of the request script. Fastcgi_param script_filename/data/www$fastcgi _script_name; }    #setting does not record the specified file type logLocation ~. *\. (GIF|JPG|JPEG|PNG|BMP|SWF|MP3|MP4|AVI|FLV|RAR|ZIP|GZ|BZ2) $    {        #files that match this matching rule are not loggedAccess_log off; #set the static file expiration timeexpires 15d; #Configure the anti-theft chain, where invalid_referer is the negative form of valid_referersValid_referers None blocked *.test.com *.aaa.com *. aminglinux.com; if($invalid _referer)                 {                         return403; }       }        #setting does not record the specified file type logLocation ~ (static|cache)        {Access_log off;    Expires 2h; }        #Set parsing PHPLocation ~ \.php${include fastcgi_params; Fastcgi_pass Unix:/tmp/Www.sock; #Fastcgi_pass 127.0.0.1:9000;Fastcgi_index index.php; Fastcgi_param Script_filename/data/www$fastcgi _script_name; }}

Note:

1./usr/local/nginx/conf/. htpasswd This encrypted file needs to be generated using the htpasswd tools inside Apache, So use this tool to install apache! first

If our Apache is installed in the/usr/local/apache2/directory, then:

[Email protected] vhosts]# CD. [Email protected] conf]#/usr/local/apache2/bin/htpasswd-c/usr/local/nginx/conf/.htpasswd huhnew password:re-type New password:adding password for user huh

Note: Use the-c parameter to create the file, if the file already exists, do not add-C

4. See if the configuration file is correct

[Email protected] vhosts]#/usr/local/nginx/sbin/nginx-tnginx:the configuration file/usr/local/nginx/conf/ nginx.conf syntax is oknginx:configuration file/usr/local/nginx/conf/nginx.conf test is successful[[email protected] vh osts]#/usr/local/nginx/sbin/nginx-s Reload

Visit Discuz:

Let's go to the host's Hosts file (not the virtual machine) to add a DNS:

[Email protected] ~]# vim/etc/hosts
The last line added statement (assuming that the current virtual machine's IP is 10.0.0.126):
10.0.0.126 www.test.com www.aaa.com www.bbb.com

Enter the domain name in the browser access: http://www.test.com

Access Success! The description of our configuration file is correct!

005.nginx configuration file