#user www www;worker_processes 2;error_log logs/error.log info;pid/usr/local/nginx/nginx.pid;worker_rlimit_nofi Le 65535;events {use epoll; Worker_connections 65535;} HTTP {include mime.types; Default_type Application/octet-stream; Log_format Main ' $remote _addr-$remote _user [$time _local] "$request" ' $status $body _bytes_sent "$http _referer" "$http _user_agent" "$http _x_forwarded_for"; Access_log Logs/access.log Main; Server_names_hash_bucket_size 128; Client_header_buffer_size 512k; Large_client_header_buffers 4 512k; Client_body_buffer_size 30m; Client_max_body_size 100m; Server_tokens off; Ignore_invalid_headers on; Recursive_error_pages on; Sendfile on; Tcp_nopush on; Tcp_nodelay on; Keepalive_timeout 65; gzip on; Gzip_min_length 1k; Gzip_http_version 1.0; Gzip_comp_level 2; Gzip_typEs text/plain application/x-javascript text/css application/xml; Upstream Truck {ip_hash; Server 10.74.**.**:8080; } upstream model{server 10.74.**.**:8080; } upstream mvsp{server 10.74.**.**:6006; } upstream fastdfs{server 10.74.**.**:8080; } server {Listen 80; server_name isafety.mintaian.com; #永久重定向到 HTTPS site return 301 https://$server _name$request_uri; } #server {#listen 80; #server_name isafety.mintaian.com; # # # #location ~*/{# proxy_pass Http://truck; # Proxy_set_header Host $host: 80; # Proxy_set_header X-real-ip $remote _addr; # Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for; # client_max_body_size 400m; # Proxy_connect_timeout 600; # Proxy_send_timeout 600; # Proxy_read_timeout 600; # # # # # # # # # Access_log/usr/local/nginx/logs/isafety.mintaian.com.log; # #} server {listen 443; server_name isafety.mintaian.com; SSL on; Ssl_certificate. /SSLKEY/1_ISAFETY.MINTAIAN.COM_BUNDLE.CRT; Ssl_certificate_key. /sslkey/2_isafety.mintaian.com.key; Ssl_session_timeout 5m; Ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv2 SSLv3; Ssl_ciphers aesgcm:all:! Dh:! export:! rc4:+high:! medium:! Low:!anull:!enull; Ssl_prefer_server_ciphers on; #======== model Interface ===========# location ~*/mintaian/datatransmission {Proxy_pass http://model; } #=======** Technology page Agent =====>start location ~*/ferry {Proxy_pass HTTP://MV Sp } location ~*/thirdresource {Proxy_pass http://mvsp; } location ~*/vehiclealarmdata {p Roxy_pass http://mvsp; } #=======** Technology page Agent =====>end #代理测试文件服务器 location ~*/group1 {PROXY_PA SS Http://fastdfs; } location ~*/group2 {Proxy_pass Http://fastdfs; } #file location ~*/file/{add_header ' access-control-allow-origin ' *; Add_header ' Access-control-allow-methods ' GET, POST, OPTIONS '; Add_header ' Access-control-allow-headers ' Origin, X-requested-with, Content-type, Accept '; Root/usr/local/nginx; } location ~*/{Proxy_pass http://truck; Proxy_set_header Host $host: 80; Proxy_set_header X-real-ip $remote _addr; Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for; Client_max_body_size 400m; Proxy_connect_timeout 600; Proxy_send_timeout 600; Proxy_read_timeout 600; Proxy_set_header Upgrade $http _upgrade; Proxy_set_header Connection "Upgrade"; Proxy_set_header X-forwarded-proto $scheme; } Access_log/usr/local/nginx/logs/isafety.mintaian.com.log; }}
Production environment Nginx configuration file (with HTTPS security authentication)