1, source code installation Nginx
1), the required environment:
Development environment: Development tools
Server Platform Development
Additional Development
Pcre-devel
Nginx-1.6.0.tar.gz
2), source installation Nginx:
Disassemble the source code package into the/usr/local/src/directory
Create a System account and a group Nginx
[Email protected] ~]# groupadd-r nginx[[email protected] ~]# useradd-r-G nginx nginx
Compiling the source code:
[Email protected] nginx-1.6.0]#/configure--conf-path=/etc/nginx/nginx.conf--error-log-path=/var/log/nginx/ Error.log--http-log-path=/var/log/nginx/access.log--pid-path=/var/run/nginx/nginx.pid--lock-path=/var/lock/ Nginx.lock--user=nginx--group=nginx--with-http_ssl_module--with-http_flv_module--with-http_stub_status_module- -with-http_gzip_static_module--http-client-body-temp-path=/var/tmp/nginx/client--http-proxy-temp-path=/var/tmp /nginx/proxy--http-fastcgi-temp-path=/var/tmp/nginx/fcgi--with-pcre
Install Nginx:
[[email protected] nginx-1.6.0]# make &&make Install
Execute nginx Test command to detect Nginx installation
[Email protected] nginx]#/usr/local/nginx/sbin/nginx-tnginx:the configuration file/etc/nginx/nginx.conf syntax is OK Nginx: [Emerg] mkdir () "/var/tmp/nginx/client" failed (2:no such file or directory) Nginx:configuration file/etc/nginx/n Ginx.conf Test Failed
Prompt for missing directory, create:
[[email protected] nginx]# mkdir-p/var/tmp/nginx/client[[email protected] nginx]# ll/var/tmp/nginx/client/total 0
Start Nginx and view the process and port number:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/72/2B/wKioL1Xeghuga5HtAAKMwQMzTG4820.jpg "title=" 1.png " alt= "Wkiol1xeghuga5htaakmwqmztg4820.jpg"/>
Enter the IP address to test if Nginx is available:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/72/2B/wKioL1XegpWTT0qgAAIjysJFaj4984.jpg "title=" 2.png " alt= "Wkiol1xegpwtt0qgaaijysjfaj4984.jpg"/>2, implementing IP address-based access
Add two Test pages TEC and MKT
[[email protected] nginx]# echo "TEC page Test" >html/tec/index.html[[email protected] nginx]# echo "TEC page Test" >h Tml/mkt/index.html
Add two virtual addresses to the NIC:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/72/2F/wKiom1Xegt7icz7GAAPFdq6waYM741.jpg "title=" 5.png " alt= "Wkiom1xegt7icz7gaapfdq6waym741.jpg"/>
Modify the Nginx configuration file and add the relevant settings:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/72/35/wKioL1XevYPj73FgAACcl6hGmJ4218.jpg "style=" float: none; "title=" 6.png "alt=" Wkiol1xevypj73fgaaccl6hgmj4218.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/72/39/wKiom1Xeu2qyN1Y3AACkQOxqNMs164.jpg "style=" float: none; "title=" 7.png "alt=" Wkiom1xeu2qyn1y3aackqoxqnms164.jpg "/>
Reload the configuration file and add address resolution:
[Email protected] nginx]#/usr/local/nginx/sbin/nginx-s Reload
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/72/39/wKiom1XevMniK8iFAADHolHtGjg137.jpg "title=" 8.png " alt= "Wkiom1xevmnik8ifaadholhtgjg137.jpg"/>
Test:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/72/3D/wKiom1Xe1U7hkBY1AAD6ogkoaew982.jpg "style=" float: none; "title=" 9.png "alt=" Wkiom1xe1u7hkby1aad6ogkoaew982.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/72/39/wKioL1Xe12jwpNLtAADJi5iYpcQ844.jpg "style=" float: none; "title=" 10.jpg "alt=" Wkiol1xe12jwpnltaadji5iypcq844.jpg "/>
3. Alias access based on virtual directory
In the root directory/under a site name of Qazwsxedc, I would like to visit without the use of such a hard-to-remember name, but more familiar with the vhost, that can use Nginx alias settings
Create a directory/qazwsxedc, and set the home page INDEX.HTNL, qazwsxedc page test:
[[email protected] nginx]# Mkdir/qazwsxedc[[email protected] nginx]# echo "Qazwsxedc page test" >/qazwsxedc/ Index.html
Modify the configuration file to add an alias record:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/72/3A/wKioL1Xe22ywrbyJAABS_zjSufc072.jpg "title=" 11.png "alt=" Wkiol1xe22ywrbyjaabs_zjsufc072.jpg "/>
Reload the configuration and access the test:
[Email protected] nginx]#/usr/local/nginx/sbin/nginx-s Reload
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/72/3D/wKiom1Xe2baz7ExfAADtuRtaY_4813.jpg "title=" 12.jpg "alt=" Wkiom1xe2baz7exfaadturtay_4813.jpg "/>
4. Nginx Source Control
Set allow 192.168.47.200 IP address access, deny 192.168.47.150 access
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/72/3D/wKiom1Xe21rS_sknAAClwWlfna0059.jpg "title=" 13.png "alt=" Wkiom1xe21rs_sknaaclwwlfna0059.jpg "/>
Write under Server to control the source of access to the primary site, or to write under location, indicating that a site
Overloading and accessing tests:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/72/3A/wKioL1Xe3ovxIX8tAAETRIgrKZo310.jpg "title=" 14.png "alt=" Wkiol1xe3ovxix8taaetrigrkzo310.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/72/3A/wKioL1Xe3uCwDN-fAAIlWraJUig746.jpg "title=" 15.png "alt=" Wkiol1xe3ucwdn-faailwrajuig746.jpg "/>
5. Nginx Authentication
To modify the configuration file, add the authentication settings:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/72/3A/wKioL1Xe4APjJyWQAAC__4SFv9Q262.jpg "title=" 16.png "alt=" Wkiol1xe4apjjywqaac__4sfv9q262.jpg "/>
Use the instruction htpasswd to generate the authentication file. htpasswd (this directive is included in the Httpd-tools)
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/72/3A/wKioL1Xe4S7zYu1_AAD6Cmcv3hI292.jpg "title=" 17.png "alt=" Wkiol1xe4s7zyu1_aad6cmcv3hi292.jpg "/>
Overloading and accessing tests:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/72/3E/wKiom1Xe362zq5W4AAHjsIFVW-o235.jpg "style=" float: none; "title=" 19.png "alt=" Wkiom1xe362zq5w4aahjsifvw-o235.jpg "/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/72/3A/wKioL1Xe4cyx6gvBAAIxsRG4ul4798.jpg "style=" float: none; "title=" 20.png "alt=" Wkiol1xe4cyx6gvbaaixsrg4ul4798.jpg "/>
6. Nginx Encrypted access
Encrypted access to data with SSL
# cd/etc/nginx/cert# OpenSSL genrsa-des3-out nginx.key 1024# OpenSSL req-new-key nginx.key-out nginx.csr# CP NGINX.K EY nginx.key.bak# OpenSSL rsa-in nginx.key.bak-out nginx.key# OpenSSL x509-req-days 365-in nginx.csr-signkey nginx.k Ey-out NGINX.CRT
To modify the Nginx configuration file, add the SSL option:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/72/40/wKiom1XfCWLgDZyPAAG-09_lBtI053.jpg "title=" A.png " alt= "Wkiom1xfcwlgdzypaag-09_lbti053.jpg"/>
Overload Nginx and view ports
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/72/3C/wKioL1XfC7iD46B7AAEqAiOIeH0603.jpg "title=" B.png " alt= "Wkiol1xfc7id46b7aaeqaioieh0603.jpg"/>
Access test:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/72/3D/wKioL1XfD0CC7wLdAAF2Z--lkzw425.jpg "title=" 111. PNG "alt=" wkiol1xfd0cc7wldaaf2z--lkzw425.jpg "/>
Install the certificate:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/72/3D/wKioL1XfEDzxttlPAAErpEq0tGU665.jpg "title=" 112. PNG "alt=" wkiol1xfedzxttlpaaerpeq0tgu665.jpg "/>
Access success:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/72/40/wKiom1XfD2mx630IAAF7aDzzHpo454.jpg "title=" 122. PNG "alt=" wkiom1xfd2mx630iaaf7adzzhpo454.jpg "/>
This article is from the "but evil Water Heart Pan" blog, please be sure to keep this source http://shmilyfl.blog.51cto.com/8897986/1689076
Nginx's site security