Linux CentOS VMware nginx anti-theft chain, nginx access control, Nginx parsing PHP-related configuration, Nginx Proxy

First, nginx anti-theft chain

The configuration is as follows and can be combined with the above configuration.

Location ~* ^.+\. (Gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls) $

{

Expires 7d;

Valid_referers none blocked Server_names *.test.com;

if ($invalid _referer)

{

return 403;

}

Access_log off;

}

Second, Nginx access control

Requirements: Access to the/admin/directory request, only a few IP access is allowed, configured as follows:

location/admin/

{

Allow 192.168.1.1101;

Allow 127.0.0.1;

Deny all;

}

mkdir/data/wwwroot/test.com/davery/

echo "Test,test" >/data/wwwroot/test.com/davery/1.html

-T &&-S reload

Curl-x127.0.0.1:80 Test.com/davery/1.html-i

Curl-x192.168.133.130:80 Test.com/davery/1.html-i

can match the regular

Location ~. * (abc|image)/.*\.php$

{

Deny all;

}

Restrictions according to User_agent

if ($http _user_agent ~ ' spider/3.0| Youdaobot| Tomato ')

{

return 403;

}

Deny all is the same as the return 403 effect

Three, Nginx parsing PHP related configuration

The configuration is as follows:

Vim/usr/local/nginx/conf/vhost/test.com.conf

Location ~ \.php$

{

Include Fastcgi_params;

Fastcgi_pass Unix:/tmp/php-fcgi.sock;

Fastcgi_index index.php;

Fastcgi_param Script_filename/data/wwwroot/test.com$fastcgi_script_name;

}

Fastcgi_pass used to specify the address or socket of the PHP-FPM listener

[Email protected] ~]# vi/data/wwwroot/test.com/3,php

Four, nginx agent

Cd/usr/local/nginx/conf/vhost

Vim proxy.conf//Add the following:

Server

{

Listen 80;

server_name ask.apelearn.com;

Location/

{

Proxy_pass http://121.201.9.155/;

Proxy_set_header Host $host;

Proxy_set_header X-real-ip $remote _addr;

Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;

}

}

Linux CentOS VMware nginx anti-theft chain, nginx access control, Nginx parsing PHP-related configuration, Nginx Proxy