: This article mainly introduces the basic usage of nginx (start, close, and domain name ing access). If you are interested in PHP tutorials, refer to it. These days, the company's website has used nginx + tomcat to work collaboratively, and some of the content has been backed up for later work.
1. stop nginx: the stop operation is performed by sending a signal to the nginx process.
Step 1: query the nginx master process number
Ps-ef | grep nginx
Find the master process in the process List. its number is the master process number.
Step 2: send signals
Stop Nginx with ease:
Kill-QUIT master process number
Stop Nginx quickly:
Kill-TERM Master process number
Force stop Nginx:
Pkill-9 nginx
In addition, if the pid file storage path is configured in nginx. conf, the file stores the Nginx main process number. If no pid file is specified, the file is placed in the nginx logs directory. With the pid file, we do not need to first query the main process Number of Nginx, but directly send a signal to Nginx. the command is as follows:
Kill-signal type '/usr/nginx/logs/nginx. pid'
Smooth restart
If you change the configuration, restart Nginx. do you need to disable Nginx before enabling Nginx? No. you can send a signal to Nginx to restart Nginx smoothly.
Smooth restart command:
Kill-HUP enters the title or process number file path
Or use
/Usr/sbin/nginx-s reload
Note: after modifying the configuration file, it is best to check whether the modified configuration file is correct to avoid Nginx errors after restart, which may affect the stable running of the server. The command to determine whether the Nginx configuration is correct is as follows:
Nginx-t-c/usr/nginx. conf
Or
/Usr/sbin/nginx-t
2. start nginx
Start command:/usr/sbin/nginx-c/usr/nginx. conf
-C. specify the path of the configuration file.
3. nginx domain name access configuration
The configuration file for domain name A: www.a.com is as follows: (example)
server { listen 80; server_name *.a.com; location / { proxy_pass http://localhost:8080/projectA/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; }}I actually do:
Upstream tomcat_web {server localhost: 8080 weight = 10;} server {listen 80 default_server; listen [:]: 80 default_server; server_name www.XXXXXX.net; # index. jsp # root/home/microlink/app/site; # Load configuration files for the default server block. include/etc/nginx/default. d /*. conf; location/{# root directory of jsp website Programs. generally, nginx and tomcat are in the same directory as root/home/xxx/site; index index.html index. jsp index.htm L;} location ~ . *\. Jsp $ {proxy_connect_timeout 3; proxy_send_timeout 30; limit 30; proxy_pass http: // localhost: 8080; proxy_set_header Host $ host; proxy_set_header X-Real-IP $ remote_addr; proxy_set_header X-Forwarded-For $ proxy_add_x_forwarded_for ;}
4. firewall enabling, disabling, and Status query
- View the firewall status.
Systemctl status firewalld
- View firewall status
Chkconfig iptables -- list
- Temporarily disable the firewall command. After the computer is restarted, the firewall automatically starts up.
Systemctl stop firewalld
- Permanently disable firewall commands. The firewall will not start automatically after it is restarted.
Systemctl disable firewalld
- Open the firewall command.
Systemctl enable firewalld
- (1) it takes effect permanently after restart:
- Enable: chkconfig iptables on
Close: chkconfig iptables off
(2) it takes effect immediately and becomes invalid after restart:
Enable: service iptables start
Disable: service iptables stop
You can use the preceding command to enable or disable other services in Linux.
When the firewall is enabled, make the following settings to enable the relevant ports,
Modify the/etc/sysconfig/iptables file and add the following content:
-A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 80-j ACCEPT
-A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 22-j ACCEPT
Or:
/Etc/init. d/iptables status will get a series of information, indicating that the firewall is on.
/Etc/rc. d/init. d/iptables stop disable firewall
Finally:
Enter setup under the root user to enter a graphical interface, select Firewall configuration, enter the next interface, select Security Level as Disabled, and save. Restart.
========================================================== ====================
Under fedora
/Etc/init. d/iptables stop
========================================================== ====================
Under ubuntu:
UBUNTU has no related direct commands.
Use the following command
Iptables-P INPUT ACCEPT
Iptables-P OUTPUT ACCEPT
Temporarily open all ports
No command to disable iptables on Ubuntu
========================================================== ====================
Iptables is a powerful firewall in linux. without considering the efficiency, it is powerful enough to replace most hardware firewalls. However, if the powerful firewall is improperly used, it may block not only the potential attacks, but also you. The harm brought by this may not matter to ordinary personal PCs, but imagine that if this is a server, once this happens, it is not just a normal cinema service, we still need to go to the site for recovery. How much will this cause to you?
So I want to say that you should be very careful when you type every command related to iptables.
1. when applying each rule to the DROP target, you must carefully check the rule. before applying the rule, consider the impact it has on you.
2. in redhat, we can use service iptables stop to disable the firewall, but in some versions, such as ubuntu, this command does not work, you may find many articles on the Internet that tell you to use the iptables-F command to close the firewall, but before using this command, remember to use iptables-L to check the default targets of all links in your system. The iptables-F command only clears all rules, but does not actually close iptables. imagine that if the default target of your chain is DROP, you have rules to allow specific ports, but once iptables-L is applied, after all rules are cleared, the default target will block any access, including remote ssh server management.
So the recommended command to disable the firewall is
Iptables-P INPUT ACCEPT
Iptables-P FORWARD ACCEPT
Iptables-P OUTPUT ACCEPT
Iptables-F
In short, when you want to make any changes on your server, it is best to have a test environment that has been fully tested and then applied to your server. In addition, to make good use of iptables, you must understand the running principle of iptables and know how iptables processes each data packet. In this way, rules can be accurately written to avoid unnecessary troubles.
Reference link:
<1> http://bbs.51cto.com/thread-1095321-1-1.html
<2> http://blog.csdn.net/kobejayandy/article/details/20867351
<3> http://www.cnblogs.com/freespider/p/4684586.html
<4> http://blog.csdn.net/tongzidane/article/details/42291857 (nginx installation, configuration, etc)
The above describes the basic use of nginx (start, close, and domain name ing access), including the content, hope to be helpful to friends who are interested in PHP tutorials.
