Nginx Configuration-http and HTTPS

Source: Internet
Author: User
Tags epoll sendfile

#user nobody;
Worker_processes 1;
Error_log Logs/error.log;
#error_log Logs/error.log Notice;
#error_log Logs/error.log Info;

#pid Logs/nginx.pid;
Worker_rlimit_nofile 204800;

Events {
Worker_connections 204800;
Multi_accept on;
Use Epoll;
}


HTTP {
Include Mime.types;
Default_type Application/octet-stream;

Log_format test166 ' $remote _addr-$remote _user [$time _local] "$request" '
' $status $body _bytes_sent ' $http _referer '
' "$http _user_agent" "$http _x_forwarded_for" '
' [$request _time] "" [$upstream _response_time] "'
"[$connection]" "[$connection _requests]" '
"$http _imei" "$http _mobile" "$http _type" "$http _key" "$cookie _sfpay_jsessionid";
Access_log Logs/access.log test166;

Sendfile on;
#tcp_nopush on;
Underscores_in_headers on;

Keepalive_timeout 65;
Proxy_connect_timeout 10s;
Proxy_read_timeout 120;
Proxy_send_timeout 60;
Proxy_buffer_size 16k;
Proxy_buffers 4 64k;
Proxy_busy_buffers_size 128k;
Proxy_temp_file_write_size 128k;
Proxy_temp_path/home/temp_dir;
Proxy_cache_path/home/cache levels=1:2 keys_zone=cache_one:200m inactive=1d max_size=30g;

Client_header_buffer_size 12k;
Open_file_cache max=204800 inactive=65s;
Open_file_cache_valid 30s;
Open_file_cache_min_uses 1;

Fastcgi_intercept_errors on;


gzip on;
Gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php image /jpeg image/gif image/png image/jpg;

Upstream Ims-oms {
Server 10.118.240.31:8001;
}

Upstream Up_cms {
Server 10.118.242.206:8080;
#server 10.118.244.163:8080;
}
Upstream Up_adms {
Server 10.118.242.206:8082;
#server 10.118.200.19:8080;
}
Upstream UP_PSFM {
Server 10.118.242.206:8081;

}
# HTTP Server
#
server {
Listen 8080;
server_name 10.118.213.96;

Location/nginx_status {
stub_status on;
Access_log off;
}
Location/cms {
Proxy_pass http://10.118.244.163:8080/cms;
Proxy_set_header x-real-ip $remote _addr;
Proxy_set_header Host $host: 8080;
Index login.jsp;
#proxy_redirect default;
Proxy_cache off;
}

Location/adms {
Proxy_pass http://up_adms/Adms;
Proxy_set_header x-real-ip $remote _addr;
Proxy_set_header Host $host;
#proxy_redirect Https://10.118.213.96:8443/Adms/adms;
Proxy_cache off;
Add_header ' access-control-allow-origin ' * ';
Add_header ' access-control-allow-credentials ' true ';
Add_header ' access-control-allow-methods ' OPTION, POST, GET ';
}


# REDIRECT Server error pages to the static page/50x.html
#
Error_page 403 404 502 503 504/40x.html;
Location =/40x.html {
#proxy_pass https://127.0.0.1:8080/notice.png;
root HTML;
}
# REDIRECT Server error pages to the static page/40x.html
#

Location ~*\. (GIF|JPG|JPEG|ICO|GIF|PNG|BMP|JS|CSS) $ {
Root images;
}


Location =/favicon.ico {
Log_not_found off;
Access_log off;
}
}

#HTTPS SERVER
#
server {
Listen 8443;
server_name 10.118.213.96;

Sslon;
Ssl_certificate Server.key;
Ssl_certificate_key Server.pem;
Ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
Ssl_ciphers
Aes128-sha:aes256-sha:rc4-sha:des-cbc3-sha:rc4-md5;
Ssl_prefer_server_ciphers on;

Rewrite '/(login)/(. *) '/cms/$1/$2;
#rewrite '/adms/(. js|css) ' https://xbox.sf-pay.com/adms/$1;
Location/cms {
Proxy_pass http://up_cms/cms;
#proxy_pass http://10.118.244.163:8080/cms/;
#proxy_redirect default;
Proxy_set_header Host $host;
Proxy_set_header x-real-ip $remote _addr;
Proxy_set_header X-forwarded-proto HTTPS;
Server_name_in_redirect on;
}

location/psfm{
Proxy_pass http://up_psfm/psfm;
#proxy_pass http://10.118.244.163:8080/cms/;
#proxy_ redirect default;
Proxy_set_header Host $host;
Proxy_set_header x-real-ip $remote _addr;
Proxy_set_header X-forwarded-proto HTTPS;
Server_name_in_redirect on;
}

Location/{
Proxy_pass http://up_cms/cms/login.jsp;
Rewrite '/(. *)/(. *) '/cms/$1/$2;
Proxy_set_header Host $host;
Proxy_set_header x-real-ip $remote _addr;
Proxy_set_header X-forwarded-proto HTTPS;
}


Location/autodeploy {
Proxy_pass http://up_cms/AutoDeploy;
#proxy_pass http:// 10.118.244.163:8080/cms/;
#proxy_redirect default;
Proxy_set_header Host $host;
Proxy_set_header x-real-ip $remote _addr;
Proxy_set_header X-forwarded-proto HTTPS;
Server_name_in_redirect on;
}


#location/bugzilla {
#proxy_pass http://up_cms/Bugzilla;
# proxy_set_header Host $host;
# proxy_set_ Header X-real-ip $remote _addr;
# Proxy_set_header X-forwarded-proto https;
#}

Location/adms {
Proxy_pass http://up_adms/Adms;
#proxy_pass http://10.118.242.206:8082/Adms/;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header Host $host;
#proxy_redirect Https://10.118.213.96:8443/Adms/adms;
Proxy_cache off;
Add_header ' access-control-allow-origin ' * ';
Add_header ' access-control-allow-credentials ' true ';
Add_header ' access-control-allow-methods ' OPTION, POST, GET ';
}

Error_page 403 404 502 503 504/40x.html;
location =/40x.html {
#proxy_pass https://127.0.0 .1:8443/notice.png;
Root html;
}

Location ~*\. ( Gif|jpg|jpeg|ico|gif|png|bmp) $ {
root images;
}


location =/favicon.ico {
Log_not_found off;
Access_log off;
}
}
}

----------------------------------------------

#user nobody;
Worker_processes 1;
Error_log Logs/error.log;
#error_log Logs/error.log Notice;
#error_log Logs/error.log Info;

#pid Logs/nginx.pid;
Worker_rlimit_nofile 204800;

Events {
Worker_connections 204800;
Multi_accept on;
Use Epoll;
}


HTTP {
Include Mime.types;
Default_type Application/octet-stream;

Log_format test166 ' $remote _addr-$remote _user [$time _local] "$request" '
' $status $body _bytes_sent ' $http _referer '
' "$http _user_agent" "$http _x_forwarded_for" '
' [$request _time] "" [$upstream _response_time] "'
"[$connection]" "[$connection _requests]" '
"$http _imei" "$http _mobile" "$http _type" "$http _key" "$cookie _sfpay_jsessionid";
Access_log Logs/access.log test166;

Sendfile on;
#tcp_nopush on;
Underscores_in_headers on;

Keepalive_timeout 65;
Proxy_connect_timeout 10s;
Proxy_read_timeout 120;
Proxy_send_timeout 60;
Proxy_buffer_size 16k;
Proxy_buffers 4 64k;
Proxy_busy_buffers_size 128k;
Proxy_temp_file_write_size 128k;
Proxy_temp_path/home/temp_dir;
Proxy_cache_path/home/cache levels=1:2 keys_zone=cache_one:200m inactive=1d max_size=30g;

Client_header_buffer_size 12k;
Open_file_cache max=204800 inactive=65s;
Open_file_cache_valid 30s;
Open_file_cache_min_uses 1;

Fastcgi_intercept_errors on;


gzip on;
Gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php image /jpeg image/gif image/png image/jpg;

Upstream Ims-oms {
Server 10.118.240.31:8001;
}

Upstream Up_cms {
Server 10.118.242.206:8080;
#server 10.118.244.163:8080;
}
Upstream Up_adms {
Server 10.118.242.206:8082;
#server 10.118.200.19:8080;
}
Upstream UP_PSFM {
Server 10.118.242.206:8081;

}
Upstream Up_syassistant {
Server 10.118.242.206:8088;

}
# HTTP Server
#
server {
Listen 8080;
server_name 10.118.213.96;

Location/nginx_status {
Stub_status on;
Access_log off;
}
Location/cms {
Proxy_pass Http://up_cms/cms;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header Host $host;
Index login.jsp;
#proxy_redirect default;
Proxy_cache off;
}
LOCATION/PSFM {
Proxy_pass HTTP://UP_PSFM/PSFM;
#proxy_pass http://10.118.244.163:8080/cms/;
#proxy_redirect default;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
#proxy_set_header X-forwarded-proto HTTPS;
Server_name_in_redirect on;
Proxy_cache off;
}
location/syassistant {
Proxy_pass http://up_syAssistant/syAssistant;
#proxy_pass http://10.118.244.163:8080/cms/;
#proxy_redirect default;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
#proxy_set_header X-forwarded-proto HTTPS;
Server_name_in_redirect on;
Proxy_cache off;
}
# REDIRECT Server error pages to the static page/50x.html
#
Error_page 403 404 502 503 504/40x.html;
Location =/40x.html {
#proxy_pass https://127.0.0.1:8080/notice.png;
root HTML;
}
# REDIRECT Server error pages to the static page/40x.html
#

Location ~*\. (GIF|JPG|JPEG|ICO|GIF|PNG|BMP|JS|CSS) $ {
Root images;
}


Location =/favicon.ico {
Log_not_found off;
Access_log off;
}
}

#HTTPS SERVER
#
server {
Listen 8443;
server_name 10.118.213.96;

Sslon;
Ssl_certificate Server.key;
Ssl_certificate_key Server.pem;
Ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
Ssl_ciphers
AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
Ssl_prefer_server_ciphers on;

#rewrite '/(login)/(. *) '/cms/$1/$2;
#rewrite '/adms/(. js|css) ' https://xbox.sf-pay.com/adms/$1;
Location/cms {
Proxy_pass Http://up_cms/cms;
#proxy_pass http://10.118.244.163:8080/cms/;
#proxy_redirect default;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header X-forwarded-proto HTTPS;
Server_name_in_redirect on;
}

LOCATION/PSFM {
Proxy_pass http://up_psfm/psfm;
#proxy_pass http://10.118.244.163:8080/cms/;
#proxy_ redirect default;
Proxy_set_header Host $host;
Proxy_set_header x-real-ip $remote _addr;
Proxy_set_header X-forwarded-proto HTTPS;
Server_name_in_redirect on;
}

#location/{
# Proxy_pass http://up_cms/cms/login.jsp;
#rewrite '/(. *)/(. *) '/cms/$1/$2;
# Proxy_set_header Host $host;
# Proxy_set_header X-real-ip $remote _addr;
# Proxy_set_header X-forwarded-proto https;
#}


# location/autodeploy {
# proxy_pass Http://up_cms/AutoDeploy;
#proxy_pass http:// 10.118.244.163:8080/cms/;
#proxy_redirect default;
# Proxy_set_header Host $host;
# Proxy_set_header X-real-ip $remote _addr;
# Proxy_set_header X-forwarded-proto https;
# server_name_in_redirect on;
#}


#location/bugzilla {
#proxy_pass http://up_cms/Bugzilla;
# proxy_set_header Host $host;
# proxy_set_ Header X-real-ip $remote _addr;
# Proxy_set_header X-forwarded-proto https;
#}

#location/adms {
# proxy_pass Http://up_adms/Adms;
# #proxy_pass http://10.118.242.206:8082/Adms/;
# Proxy_set_header X-real-ip $remote _addr;
# Proxy_set_header Host $host;
# #proxy_redirect Https://10.118.213.96:8443/Adms/adms;
# Proxy_cache off;
#add_header ' access-control-allow-origin ' *;
#add_header ' access-control-allow-credentials ' true ';
# add_header ' access-control-allow-methods ' OPTION, POST, GET ';
#}

Error_page 403 404 502 503 504/40x.html;
location =/40x.html {
#proxy_pass https://127.0.0.1:844 3/notice.png;
Root html;
}

Location ~*\. ( Gif|jpg|jpeg|ico|gif|png|bmp) $ {
root images;
}


location =/favicon.ico {
Log_not_found off;
Access_log off;
}
}
}

----------------------------configuration with Nginx Directory Access

[Email protected] conf]$ more nginx.conf

#user nobody;
Worker_processes 1;

#error_log Logs/error.log;
#error_log Logs/error.log Notice;
#error_log Logs/error.log Info;

#pid Logs/nginx.pid;


Events {
Worker_connections 1024;
}


HTTP {
Include Mime.types;
Default_type Application/octet-stream;

Log_format Main ' $remote _addr-$remote _user [$time _local] "$request" '
' $status $body _bytes_sent ' $http _referer '
' "$http _user_agent" "$http _x_forwarded_for";

Access_log Logs/access.log Main;

Sendfile on;
#tcp_nopush on;

#keepalive_timeout 0;
Keepalive_timeout 65;

#gzip on;

server {
Listen 8443;
server_name localhost;
#root/home/nginx/nginx-home/android/sit;
root/home/nginx/nginx-home/download/;
AutoIndex on;
Autoindex_exact_size on;
Autoindex_localtime on;

Location ~ ^/nginxstatus/{
Stub_status on;
Access_log off;
}

}

server {
Listen 8088;
server_name localhost;

#charset Koi8-r;
CharSet Utf-8;
Access_log Logs/host.access.log Main;
autoindex on;
Autoindex_exact_size on;
Autoindex_localtime on;

Location ~ ^/nginxstatus/{
Stub_status on;
Access_log off;
}

Location/{
#root html;
Root/home/nginx/nginx-home/download;
Index index.html index.htm;
}

#error_page 404/404.html;

# REDIRECT Server error pages to the static page/50x.html
#
Error_page 502 503 504/50x.html;
Location =/50x.html {
root HTML;
}

# Proxy The PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# Proxy_pass http://127.0.0.1;
#}

# Pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root HTML;
# Fastcgi_pass 127.0.0.1:9000;
# Fastcgi_index index.php;
# Fastcgi_param Script_filename/scripts$fastcgi_script_name;
# include Fastcgi_params;
#}

# Deny access to. htaccess files, if Apache ' s document Root
# concurs with Nginx ' s one
#
#location ~/\.ht {
# Deny All;
#}
}


# Another virtual host using mix of ip-, name-, and port-based configuration
#
#server {
# Listen 8000;
# Listen somename:8080;
# server_name somename alias Another.alias;

# location/{
# root HTML;
# index index.html index.htm;
# }
#}


# HTTPS Server
#
#server {
# Listen 443 SSL;
# server_name localhost;

# ssl_certificate Cert.pem;
# Ssl_certificate_key Cert.key;

# Ssl_session_cache shared:ssl:1m;
# ssl_session_timeout 5m;

# ssl_ciphers high:!anull:! MD5;
# ssl_prefer_server_ciphers on;

# location/{
# root HTML;
# index index.html index.htm;
# }
#}

}

Nginx Configuration-http and HTTPS

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.