1 About Nginx Module
Nginx uses different modules to achieve different functions, there are mainly 2 groups of important modules:
(1) Nginx core modules (required)
including Main, Events
(2) Standard HTTP modules (although not required, but will be installed by default, no changes recommended)
Typical include
Core, Access, FastCGI, Gzip, Log, Proxy, Rewrite, Upstream
2 NGINX directory structure
/application/nginx |--client_body_temp |--conf | |--fastcgi.conf #fastcgi配置文件 | |--Fastcgi.conf.default #default文件均属于备份文件 | |--Fastcgi_params | |--Fastcgi_params.default | |--Koi-utf | |--Koi-win | |--Mime.types | |--Mime.types.default | |--nginx.conf #Nginx主配置文件 | |--Nginx.conf.default | |--nginx.conf.qinbf-20131101 | |--Scgi_params | |--Scgi_params.default | |--Uwsgi_params | |--Uwsgi_params.default | '--Win-utf |--fastcgi_temp |--html | |--50x.html #错误优雅显示文件 | '--index.html |--logs | |--Access.log #访问日志 | |--Error.log #错误日志 | '--Nginx.pid |--proxy_temp |--Sbin | '--Nginx |--scgi_temp '--uwsgi_temp 9 Directories, files |
3 nginx.conf configuration file
Worker_processes 1; #ps-ef |grep Nginx can see the number of child threads to Nginx Events { Worker_connections 1024; #可以理解为最大并发数 } HTTP { Include Mime.types; Default_type Application/octet-stream; Sendfile on; Keepalive_timeout 65; server {#一个server相当于apache的一个vhost, you can replicate multiple server modules to configure multiple hosts Listen 80; server_name localhost; Location/{#相当于htdocs root HTML; Index index.html index.htm; } Error_page 502 503 504/50x.html; #优雅显示页面 Location =/50x.html { root HTML; } } } |
4 domain-based virtual host configuration
HTTP { Include Mime.types; One by one default_type Application/octet-stream; Sendfile on; Keepalive_timeout 65; 14 server { 80 Listen; server_name www.etiantian.org; 18 Location/{ root HTML; Index index.html index.htm; 22} 23 Error_page 502 503 504/50x.html; Location =/50x.html { root HTML; 27 28} 29 30} 31 32} Then check the syntax, graceful restart [Email protected] conf]#/application/nginx/sbin/nginx-t Nginx:the configuration file/application/nginx-1.2.9/conf/nginx.conf syntax is OK Nginx:configuration file/application/nginx-1.2.9/conf/nginx.conf Test is successful [Email protected] conf]#/application/nginx/sbin/nginx-s Reload [Email protected] conf]# NETSTAT-TUPNL |grep 80 TCP 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 21475/nginx To configure the virtual host process: 1) Copy the Server tab segment, to the end, note the end of the HTTP before closing the curly braces 2) Change the root directory of the server_name and corresponding Web pages 3) Create the root directory of the corresponding Web page and build the test file 4) Check syntax, restart service 5) Parse in host file 6) Browser Access |
5 Disable IP Access
To prevent a malicious domain name from being parsed to its own server, you must configure the Disable IP access
server { Listen default; return 500; } #这段配置, is to access a domain name that is not configured as a virtual host for this server and returns a 500 error by default #也可以利用rewrite规则, the malicious resolution to the server domain name access traffic, import into their own site server { Listen default; Rewrite ^ (. *) http://www.etiantian.com permanent; } #域名解析到本地服务器, but does not configure the local server's virtual host for the domain name, it jumps to the site defined by rewrite #server_name _; The meaning of this represents the result of direct access to the input IP address #listen Default_server; Default_server This parameter is used after Nginx version 0.8 |
6 nginx log Configuration and cutting
There is no better nginx log cutting tool
The format definition of the log: Log_format commonlog ' $remote _addr-$remote _user [$time _local] "$request" ' ' $status $body _bytes_sent ' $http _referer ' ' "$http _user_agent" "$http _x_forwarded_for"; server { Listen 80; server_name www.etiantian.com; Location/{ root/data0/www/www; Index index.html index.htm; } Error_page 502 503 504/50x.html; Location =/50x.html { root HTML; } Access_log/app/logs/www_access.log Commonlog; #日志格式的调用 } |
192.168.1.1--[22/nov/2013:00:27:32 +0800] "Get/favicon.ico http/1.1" 404 570 "-" "mozilla/5.0 (Windows NT 6.1; WOW64) applewebkit/537.36 (khtml, like Gecko) chrome/28.0.1500.95 safari/537.36 ""-" |
Log Cut Script
#!/bin/bash Date= ' Date +%y%m%d ' Nginx_dir= "/application/nginx" Nginx_logs= "/app/logs" Log_name= "Www_access" Cd/tmp [-D $Nginx _logs] && cd $Nginx _logs | | Exit 1 [-F $Log _name.log] &&/bin/mv $Log _name.log ${log_name}.${date}.log | | Exit 1 If [$?-eq 0-a-F $Nginx _dir/logs/nginx.pid] Then KILL-USR1 ' Cat $Nginx _dir/logs/nginx.pid ' #把nginx的日志重命名相当于删除文件, the Nginx service needs to be restarted Fi And then cut every night 12 o'clock. Crontab-e XX * * * */bin/sh/root/scripts/cut_nginx_log.sh >/dev/null 2>&1 |
Count IP and sort awk ' {print '} ' Www_access.log | Sort | uniq-c | Sort-rn-k 1 | Head |
7 Nginx configuration file optimization
Worker_processes 1; Events { Worker_connections 1024; } HTTP { Include Mime.types; Default_type Application/octet-stream; Sendfile on; Keepalive_timeout 65; Log_format commonlog ' $remote _addr-$remote _user [$time _local] "$request" ' ' $status $body _bytes_sent ' $http _referer ' ' "$http _user_agent" "$http _x_forwarded_for"; Include extra/www.conf; Include extra/bbs.conf; Include extra/blog.conf; Include extra/default.conf; } |
Imitate the Apache configuration file, write the configuration of the virtual host in the config file of the extra directory, and then call it in the form of include.
8 Nginx alias and connection status information configuration
#别名其实就是以相应的别名配置虚拟主机, then use the rewrite rule to jump to the primary domain. Specifically write a configuration file with the following contents: server { Listen 80; server_name etiantian.com; Rewrite ^ (. *) http://www.etiantian.com permanent; } This file will then be called in the Nginx file: include extra/www_alias.conf |
That is, configure a virtual host file with the following contents:
server { Listen 80; server_name status.etiantian.com; Location/{ Stub_status on; Access_log off; } } This configuration file is then called in the nginx.conf file |
Linux Course notes Nginx deep application Practice