Use of common nginx modules

Source: Internet
Author: User

Install nginx in Linux source code

First install the development tools: "development tools", "server platform development", and "additional development"


1. Yum -- disablerepo = -- enablerepo = c6-media install PCRE-devel OpenSSL-devel-y

2. groupadd-r nginx

3. useradd-r-g nginx create account and group

4. libevent-2.0.16-stable.tar.gz-C/usr/local/src/tar-zxvf/

5. nginx-1.6.0.tar.gz-C/usr/local/src/tar-zxvf/

6. CD/usr/local/src

7. CD libevent-2.0.16-stable/

8 ../configure -- prefix =/usr/local/libevent

9. Make & make install

10. Vim/etc/lD. So. conf. d/libevent. conf indicates the path of the library file.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3F/wKioL1ROPhORGSf_AABTDOX93_E085.jpg "Title =" 1.png" alt = "wkiol1rophorgsf_aabtdox93_e085.jpg"/>

11. ldconfig refresh

12. ldconfig-PV | grep libevent

13. CD/usr/local/src/nginx-1.6.0/

14. Compile (install required modules)

. /Configure -- conf-Path =/etc/nginx. conf -- error-log-Path =/var/log/nginx/error. log -- http-log-Path =/var/log/nginx/access. log -- PID-Path =/var/run/nginx. PID -- lock-Path =/var/lock/nginx. lock -- user = nginx -- group = nginx -- with-http_ssl_module -- with-http_flv_module -- with-http_stub_status_module -- with-http_gzip_static_module -- http-client-body-temp-Path =/var/tmp/nginx/client/-- http- proxy-temp-Path =/var/tmp/nginx/Proxy/-- http-FastCGI-temp-Path =/var/tmp/nginx/fcgi/-- With-PCRE

-- Add-module =/usr/local/src/healthcheck_nginx_upstreams-master

15. Make & make install

16. mkdir-PV/var/tmp/nginx/client/

17. Write the path in VIM/etc/profile.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3E/wKiom1ROPdDx38fmAADbbjdffL0559.jpg "Title =" 2.png" alt = "wkiom1ropddx38fmaadbbjdffl0559.jpg"/>

18. Service iptables stop

19. setenforce 0

20. pkill-9 nginx

21. netstat-tupln | grep 80

22. nginx

23. Vim/etc/init. d/nginxd write a STARTUP script

 

Open a browser to access the Web page. The following default web page appears.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3F/wKioL1ROPjbAWzyEAAHmUc4hFeA992.jpg "Title =" 3.png" alt = "wkiol1ropjbawzyeaahmuc4hfea992.jpg"/>

Access Module: Source Control

1. Vim/etc/nginx. conf add content to the Sever site

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3E/wKiom1ROPfWhgamNAABYax7I8qM100.jpg "Title =" 4.png" alt = "wkiom1ropfwhgamnaabyax7i8qm100.jpg"/>

Service nginx restart

Allow access from 192.168.88.10 to prevent access from other IP addresses in the CIDR block.

Open a PC and set the address to 192.168.88.10 for access.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/4D/3F/wKioL1ROPmyjC0_SAAHBXPIWrm8276.jpg "Title =" 5.png" alt = "wkiol1ropmyjc0_saahbxpiwrm8276.jpg"/>


Modify the address to another address in the 192.168.88.0 CIDR Block for access.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3F/wKioL1ROPofxW_kyAADKnj5ZVCk660.jpg "Title =" 6.png" alt = "wkiol1ropofxw_kyaadknj5zvck660.jpg"/>

Implemented source control!


Auth module: Authentication

Because httpd-tools has the htpasswd tool, install httpd-tools first.

1. Vim/etc/nginx. conf add content to the Sever site

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3E/wKiom1ROPmuQHAuyAADUWuDd6sM088.jpg "Title =" 7.png" alt = "wkiom1ropmuqhauyaaduwudd6sm088.jpg"/>

2. Create an account in htpasswd-C/etc/nginx/. htpasswd zhangsan and enter the password.

3. Restart service nginxd restart

Open a browser to test

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3F/wKioL1ROPtjRz8r0AAH7Rh5MYjs668.jpg "Title =" 8.png" alt = "wkiol1roptjrz8r0aah7rh5myjs668.jpg"/>

 

Authentication is implemented!

SSL module: secure encryption

1. CD/etc/pki/tls/

2. Vim OpenSSL. COF

Change files and issue certificates to other organizations

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/4D/3F/wKioL1ROPvKiowlTAAENxYuPFgI396.jpg "Title =" 9.png" alt = "wkiol1ropvkiowltaaenxyupfgi396.jpg"/>

Change Default Value

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/4D/3F/wKioL1ROPwXTHT7NAAEvgXDZNiM195.jpg "Title =" 10.png" alt = "wkiol1ropwxtht7naaevgxdznim195.jpg"/>

3. Echo "01"> serial number of the serial record

4. OpenSSL genrsa 1024> ../CA/private/cakey. pem generate a private key

5. CD/etc/pki/CA/

6. chmod 600 private/cakey. pem Change permissions

7. CD/etc/nginx/certs/

8. OpenSSL ca-In nginx. req-out nginx. Cert generates certificates for itself

9. mkdir/etc/nginx/certs create directory to store certificates

10. CD/etc/nginx/certs/

11. OpenSSL genrsa 1024> nginx. Key generates the Private Key

12. chmod 600 nginx. Key

13. OpenSSL req-New-key nginx. Key-out nginx. req

14. OpenSSL ca-In nginx. req-out nginx. Cert

15. Vim/etc/nginx. conf open port 443 and encrypt access

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3F/wKioL1ROP0LgslrKAAFUfaQC-5g484.jpg "Title =" 11.png" alt = "wKioL1ROP0LgslrKAAFUfaQC-5g484.jpg"/>

Open a browser to access https: // 192.168.88.100

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3E/wKiom1ROPwGA3iR7AAF6F7qOtE4996.jpg "Title =" 12.png" alt = "wkiom1ropwga3ir7aaf6f7qote4996.jpg"/>

Show certificate chain

16. CD/etc/nginx/certs

17. CP/etc/pki/CA/cacert. pem ./

18. CP nginx. cert./nginx. cert. Bak

19. Cat nginx. cert. Bak cacert. pem> nginx. Cert

View the following files

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3F/wKioL1ROP26SIMfBAAEfuJErLTc355.jpg "Title =" 13.png" alt = "wkiol1rop26simfbaaefujerltc355.jpg"/>

Open the browser to access https: // 192.168.88.100, and then click View Certificate

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3E/wKiom1ROP1OgNzLLAAEmdwU9kb0463.jpg "style =" float: none; "Title =" 14.png" alt = "wkiom1rop1ognzllaaemdwu9kb0463.jpg"/>

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/4D/3F/wKioL1ROP6jjm30yAACnLnKT2WE448.jpg "style =" float: none; "Title =" 15.png" alt = "wkiol1rop6jjm30yaacnlt2we448.jpg"/>

Certificate path to view the certificate chain


Rewrite module: Redirection

1. Vim/etc/nginx. conf add content to the Sever site

All redirected to http://www.sina.com.cn when accessing the main site

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/4D/3E/wKiom1ROP3Dj6iZiAAB4OWTlmzI679.jpg "Title =" 16.png" alt = "wkiom1rop3dj6iziaab4owtlmzi679.jpg"/>

Open a browser to access http: // 192.168.88.100/automatically jump to Sina

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3F/wKioL1ROP9LDMp5eAAHxcwWKP8E997.jpg "Title =" 17.png" alt = "wkiol1rop9ldmp5eaahxcwwkp8e997.jpg"/>

Redirection completed


Proxy module: reverse proxy

Open a server with the address 192.168.88.10 and access it. The content is as follows:

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3E/wKiom1ROP56zLYhPAAFQopcF2Jg666.jpg "Title =" 18.png" alt = "wkiom1rop56zlyhpaafqopcf2jg666.jpg"/>


In addition, open the nginx server at 192.168.88.100:

1. Vim/etc/nginx. conf add content to the Sever site

When you access the main site, reverse proxy to 192.168.88.10 server.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3F/wKioL1ROQAiAkKWKAAC6I9ffv8M975.jpg "Title =" 19.png" alt = "wkiol1roqaiakkwkaac6i9ffv8m975.jpg"/>

Service nginxd restart

Open the browser to access http: // 192.168.88.100/PIC, proxy to 192.168.88.10

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3E/wKiom1ROP8ygDpwEAAEFVavDQp8420.jpg "Title =" Maid alt = "wkiom1rop8ygdpweaaefvavdqp8420.jpg"/>

Add cache for reverse proxy

1. Edit Vim/etc/nginx. conf as follows:

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/4D/3E/wKiom1ROP-DzuOC9AAJf8Mo75Lc662.jpg "Title =" 21.png" alt = "wKiom1ROP-DzuOC9AAJf8Mo75Lc662.jpg"/>

Restart nginxd and the cache directory does not contain any files.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3F/wKioL1ROQEmA2DVoAADGty_VVII483.jpg "Title =" 22.png" alt = "wkiol1roqema2dvoaadgty_vvii483.jpg"/>


Open a browser to access http: // 192.168.88.100/PIC

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/4D/3E/wKiom1ROQAyjGYjoAAEGqSRQ_c8964.jpg "Title =" 23.png" alt = "wkiom1roqayjgyjoaaegqsrq_c8964.jpg"/>

View the cache directory to generate the cache.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/4D/3E/wKiom1ROQGCyQDVJAAESq7n6V4E600.jpg "Title =" 24.png" alt = "wkiom1roqgcyqdvjaaesq7n6v4e600.jpg"/>



This article is from the "Wang chaofeng 51cto blog" blog, please be sure to keep this source http://wangcf1009.blog.51cto.com/8589325/1568757

Use of common nginx modules

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.