Home > Developer > Web Develop
When Nginx is a reverse proxy, it can cache the response from upstream to local and construct the response message directly from the local client when the same content is requested by subsequent clients.
Nginx Cache Data Structure:
Shared memory : Store key and cache object metadata
disk space : storing data
Syntax: |
Proxy_cache_path Path [levels=levels] [Use_temp_path=on|off] keys_zone=name:size [inactive=time] [max_size=size] [ manager_files= number] [manager_sleep=time] [manager_threshold=time] [loader_files= number] [loader_sleep=Time] [loader_threshold=Time] [Purger=on|off] [purger_files=number] [purger_sleep=Time] [purger_threshold=time]; |
Default: |
— |
Context: |
http |
Proxy_cache Zone|off: Defines a shared memory area for caching, which can be called by multiple places, and the cache will comply with the cache settings in the upstream server's response message header, such as "Expires", "Cache-control: No-cache "," cache-control:max-age=xxx "," Private "and" No-store ", etc., but Nginx does not consider the" Vary "header of the response message when caching. In order to ensure that private information is not cached, all private information about the user can be upstream on the "No-cache" or "max-age=0" to be implemented, but also in Nginx settings Proxy_cache_key must contain user-specific data such as $cookie_ The way XXX is implemented, but the last way this is used on public caches can be risky. Therefore, messages containing the following header or specified flags in the response message will not be cached.
Set-cookie
Cache-control containing "No-cache", "No-store", "private", or a "max-age" with a non-numeric or 0 value
Expires with a time in the past
x-accel-expires:0
Proxy_cache_key: Sets the string used for "key" when storing and retrieving the cache, and can use variables for its value, but it is possible to cache the same content more than once when used improperly, and to use private information for the key to avoid returning the user's private information to other users;
Proxy_cache_lock: Enable this key to prevent multiple identical requests from being sent to upstream at the worker level in the cache command;
Proxy_cache_lock_timeout:proxy_cache_lock the length of the lock function;
Proxy_cache_min_uses: The minimum number of times a response message should be requested before it is cached;
Proxy_cache_path: Defines a directory for storing cached response messages, and a shared memory area (Keys_zone=name:size) that holds the key and response metadata for the cache object, with optional parameters such as:
Levels: The length of each sub-directory name, valid value is 1 or 2, each level is separated by a colon, up to 3 levels;
Inactive: The maximum cache duration before inactive cache entries are removed from the cache;
Max_size: The upper limit of cache space size, the cache manager will clean it based on the LRU algorithm when the object that needs to cache exceeds this space limit;
Loader_files: The maximum number of files to load metadata for each work process of the cache loader (cache_loader);
Loader_sleep: The length of sleep after each iteration of the cache loader;
Loader_threashold: Maximum sleep duration for the cache loader;
For example: Proxy_cache_path/data/nginx/cache/one Levels=1 keys_zone=one:10m;
Proxy_cache_path/data/nginx/cache/two Levels=2:2 keys_zone=two:100m;
Proxy_cache_path/data/nginx/cache/three Levels=1:1:2 keys_zone=three:1000m;
Proxy_cache_use_stale: In the case where the upstream server cannot be contacted (such as error, timeout, or http_500, etc.) let Nginx respond directly to the client request using the locally cached expired cache object in the following format:
Proxy_cache_use_stale Error | Timeout | Invalid_header | Updating | http_500 | http_502 | http_503 | http_504 | http_404 | Off
Proxy_cache_valid [code ...] time: Used to set the length of a valid cache for different responses, for example: Proxy_cache_valid 302 10m;
proxy_cache_methods [GET HEAD POST]: Enable caching for which request methods;
Proxy_cache_bypass string: In which case, Nginx will not fetch data from the cache, for example:
Proxy_cache_bypass $cookie _nocache $arg _nocache $arg _comment;
Proxy_cache_bypass $http _pragma $http _authorization;
HTTP { Proxy_cache_path /data/nginx/cache levels=1:2 keys_zone=static:10m inactive=24h max_size=1g; server {location /{ proxy_pass http://www.magedu.com; Proxy_set_header Host $host; Proxy_cache STATIC; Proxy_cache_valid 1d; Proxy_cache_valid 301 302 10m; Proxy_cache_vaild any 1m; Proxy_cache_use_stale Error timeout invalid_header updating http_500 http_502 http_503 http_504; } }
Nginx can enable the compression function before sending the response message to the client, which can effectively save bandwidth and increase the speed of response to the client. Normally compiled Nginx comes with gzip compression by default, so you can enable it directly.
HTTP { gzip on; Gzip_http_version 1.0; Gzip_comp_level 2; Gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript Application/javascript Application/json; Gzip_disable Msie6;}The gzip_proxied directive can define which types of objects the client requests to enable compression, such as "expired" to enable compression for objects that cannot be cached due to the use of the expire header definition, and other acceptable values are "No-cache", "No-store", " Private "," no_last_modified "," No_etag "and" auth ", and" off "means that the compression function is turned off.
The reverse proxy enables upstream and caching:
HTTP {include mime.types; Default_type Application/octet-stream; Sendfile on; Keepalive_timeout 65; Proxy_cache_path/nginx/cache/first levels=1:2 keys_zone=first:10m max_size=512m; Upstream Websrv {server 172.16.100.11 weight=1; Server 172.16.100.12 weight=1; Server 127.0.0.1:8080 backup; } server {Listen 80; server_name www.magedu.com; Add_header X-via $server _addr; Add_header x-cache-status $upstream _cache_status; Location/{Proxy_pass http://websrv; Proxy_cache first; Proxy_cache_valid 1d; Proxy_cache_valid 301 302 10m; Proxy_cache_valid any 1m; Index index.html index.htm; if ($request _method ~* "PUT") {Proxy_pass http://172.16.100.12; Break }} error_page 502 503 504/50x.html; Location =/50x.html {root HTml }} server {listen 8080; server_name localhost; Root/nginx/htdocs; Index index.html; }}
Add header information: add_header x-via $server _addr; Add_header x-cache-status $upstream _cache_status;
To configure the cache:
Proxy_cache_path/nginx/cache/first levels=1:2 keys_zone=first:10m max_size=512m;
Enable:
Proxy_cache first; Proxy_cache_valid 1d; Proxy_cache_valid 301 302 10m; Proxy_cache_valid any 1m;
Set error log format and level:
HTTP {log_format combined ' $remote _addr-$remote _user [$time _local] " " $request "$status $body _bytes_sent" " $http _referer "" $http _user_agent "'; Access_log/var/log/nginx/access.log combined;error_log/var/log/nginx/ Error.log crit, ...}Log logs similar to Apache format:
Log_format Main ' $remote _addr-$remote _user [$time _local] " $request" $status $body _bytes_sent "$http _referer" ' c6/> ' "$http _user_agent" "$http _x_forwarded_for"; Access_log/var/log/nginx/access.log main;
Enable log caching:
HTTP { ... Open_log_file_cache max=1000 inactive=20s min_uses=2 valid=1m; ...}Implementing a domain name jump
Server{listen 80;server_name jump.magedu.com;index index.html index.php;root/www/htdocs;rewrite ^//http www.magedu.com/;}Implementing Domain name Mirroring
Server{listen 80;server_name mirror.magedu.com;index index.html index.php;root/www/htdocs;rewrite ^/(. *) $/HTTP Www.magedu.com/$1 last;}Simple anti-theft chain configuration:
Location ~* \. (gif|jpg|png|swf|flv) $ { Valid_referers none blocked www.magedu.com; if ($invalid _referer) { rewrite ^/http://www.magedu.com/403.html; # return 404 }}First line: gif|jpg|png|swf|flv
Represents an anti-theft chain for GIF, JPG, PNG, SWF, FLV suffix files
Second line: www.magedu.com
It means to judge the origin of the Www.magedu.com if{} inside the content meaning, if the route is not the specified route to jump to the error page, of course, directly return 404 is also possible.
Regular expression matching:
~: Returns "true" when matching the specified regular expression pattern, and distinguishes the character case when the match is determined;
~*: Returns "true" when matched with the specified regular expression pattern, and does not distinguish between character case when the match is determined;
!~: Returns "true" when mismatched with the specified regular expression pattern, and distinguishes the case when the match is determined;
!~*: Returns "true" when mismatched with the specified regular expression pattern, and does not distinguish between case-insensitive characters when the match is determined;
File and directory matching judgment:
-F,!-f: Determines whether the specified path is present and is a file;
-D,!-d: Determines whether the specified path is present and is a directory;
-E,!-e: Determines whether the specified path exists, the file or directory is available;
-X,!-x: Determines whether the file specified by the path exists and is executable;
Speed limit for a specific path:
server { server_name www.magedu.com; location/downloads/{ limit_rate 20k; root/web/downloads/; } ..}Limit the bot speed of search engines:
if ($http _user_agent ~ google| yahoo| Msn|baidu) { limit_rate 20k;}The following are some of the common global variables that are commonly used in nginx, which are often applied to the IF statement for conditional judgments.
$arg _parameter This variable contains the value of the GET request variable PARAMETER if present in the query Strin G.
$args This variable contains the query string in the URL, for example Foo=123&bar=blahblah if the URL Is Http://example1. com/? Foo=123&bar=blahblah
$binary _REMOTE_ADDR The address of the client in binary form.
$body _bytes_sent The bytes of the body sent.
$content _length This variable was equal to line content-length in the header of the request.
$content _type This variable was equal to line Content-type in the header of the request.
$document _root This variable was equal to the value of Directive root for the current request.
$document _uri the same as $uri.
$host This variable contains the value of the "host" value in the request header, or the name of the serve R processing if the ' Host ' value is not available.
$http _header The value of the HTTP header header when converted to lowercase and with "dashes" converted to "Unde Rscores ", for example, $http _user_agent, $http _referer.
$is _args evaluates to "?" If $args is set, returns "" otherwise.
$request _uri This variable are equal to the *original* request URI as received from the client including the args. It cannot be modified. Look in $uri for the post-rewrite/altered URI. Does not include host name. Example: "/foo/bar.php?arg=baz".
$scheme the HTTP scheme (that's HTTP, https). Evaluated demand, for Example:rewrite ^ (. +) $ $scheme://example.com$1 redirect;
$server _addr This variable contains the server address. It is advisable to indicate addresses correctly in the Listen directive and use the bind parameter so that a system call I s not made every time this variable is accessed.
$server _name The name of the server.
$server _port This variable was equal to the port of the server and to which the request arrived.
$server _protocol This variable are equal to the protocol of request, usually this is http/1.0 or http/1.1.
$uri This variable was equal to current URI in the request (without arguments, those am in $args.) It can differ from $request _uri which are what's sent by the browser. Examples of how it can modified is internal redirects, or with the use of index. Does not include host name. Example: "/foo/bar.html"
Nginx cache function, anti-theft chain, URL rewriting
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
