安装配置Nginx
挂载远程源码包到本地
mount.cifs //192.168.100.10/LNMP-C7 /mnt //挂载到/mnt目录下
解压源码包到/opt目录下
[root@localhost ~]# cd /abc //切换到挂载点目录
[root@localhost abc]# ls
Discuz_X3.4_SC_UTF8.zip nginx-1.12.2.tar.gz
mysql-boost-5.7.20.tar.gz php-7.1.10.tar.gz
[root@localhost abc]# tar zxvf nginx-1.12.2.tar.gz -C /opt //解压Nginx源码包到/opt下
[root@localhost abc]# cd /opt/ //切换到解压的目录下
[root@localhost opt]# ls
nginx-1.12.2 rh
安装编译需要的环境组件包
[root@localhost opt]# yum -y install \
gcc \ //c语言
gcc-c++ \ //c++语言
pcre-devel \ //pcre语言工具
zlib-devel //数据压缩用的函式库
创建程序名为nginx的用户并编译Nginx
[root@localhost opt]# useradd -M -s /sbin/nologin nginx //创建程序用户,限定其
[root@localhost opt]# cd nginx-1.12.2/ //切换到nginx目录下
[root@localhost nginx-1.12.2]# ./configure \ //配置nginx
> --prefix=/usr/local/nginx \ //安装路径
> --user=nginx \ //用户名
> --group=nginx \ //用户组
> --with-http_stub_status_module //访问状态统计模块
编译和安装
[root@localhost nginx-1.12.0]# make && make install //编译及安装
制作Nginx管理脚本,便于管理使用
[root@localhost nginx]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
//创建软连接 [root@nginx nginx-1.12.2]# vim /etc/init.d/nginx //编辑启动脚本
#!/bin/bash
# chkconfig: - 99 20
# description: Nginx Service Control Script
PROG="/usr/local/nginx/sbin/nginx"
PIDF="/usr/local/nginx/logs/nginx.pid"
case "$1" in
start)
$PROG
;;
stop)
kill -s QUIT $(cat $PIDF)
;;
restart)
$0 stop
$0 start
;;
reload)
kill -s HUP $(cat $PIDF)
;;
*)
echo "Usage: $0 {start|stop|restart|reload}"
exit 1
esac
exit 0
[root@nginx nginx-1.12.2]# chmod +x /etc/init.d/nginx //给脚本执行权限
[root@nginx nginx-1.12.2]# chkconfig --add nginx //添加到service管理器中
[root@nginx nginx-1.12.2]# yum install elinks -y //
[root@nginx nginx-1.12.2]# service nginx start //启动Nginx服务
[root@nginx nginx-1.12.2]# netstat -ntap | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 42028/nginx: master
[root@nginx nginx-1.12.2]# systemctl stop firewalld.service //关闭防火墙
[root@nginx nginx-1.12.2]# setenforce 0 //关闭增强型安全功能
[root@nginx nginx-1.12.2]# elinks http://192.168.131.133/
配置Nginx网页缓存
复制图片到站点目录
[root@localhost nginx-1.12.0]# ls /abc
Discuz_X3.4_SC_UTF8.zip nginx-1.12.2.tar.gz
tupian.png php-7.1.10.tar.bz2
mysql-boost-5.7.20.tar.gz php-7.1.20.tar.gz
nginx-1.12.0.tar.gz
[root@localhost nginx-1.12.0]# cp /abc/game.jpg /usr/local/nginx/html/
[root@localhost nginx-1.12.0]# cd /usr/local/nginx/html/
[root@localhost html]# ls
50x.html game.jpg index.html
修改网页信息,将图片加到index.html文件中
[root@localhost html]# vim index.html
Welcome to nginx!
//添加图片路径
[root@localhost html]# vim /usr/local/nginx/conf/nginx.conf //修改配置文件
events {
worker_connections 1024;
}
user nginx nginx; //修改Nginx用户和组
#deny access to .htaccess files, if Apache's document root
#concurs with nginx's one
location ~\.(gif|jepg|jpg|ico|bmp|png)$ { //添加支持图片格式
root html; //站点
expires 1d; //缓存一天
}
[root@localhost html]# service nginx stop //重启服务
[root@localhost html]# service nginx start
使用虚拟机访问网页,并使用fiddler查看缓存
Nginx网页压缩
修改Nginx.conf文件
[root@localhost ~]# cd /usr/local/nginx/conf/
[root@localhost conf]# vim nginx.conf
gzip on; //使用x键删除此行前的井号注释
gzip_min_length 1k; //压缩阈值
gzip_buffers 4 16k; //buffers大小为4个16k缓冲区大小
gzip_http_version 1.1; //压缩版本号
gzip_comp_level 6;
//压缩比率,最小为1,处理快但传输慢;最大为9,处理慢,但传输快;此处设6,相对适中
gzip_types text/plain application/x-javascript text/css image/jpg image/jpegimage/png image/gif application/xml text/javascript application/x-httpd-php
application/javascript application/json; //支持的类型格式类型
gzip_disable "MSIE [1-6]\.";
//配置禁用gzip条件,支持正则表达式,表示ie6以下不启用gzip
gzip_vary on; //让前端的缓存服务器缓存经过gzip压缩的页面
复制图片到站点目录
[root@localhost conf]# cd ../html/
[root@localhost html]# cp /abc/tupian.png/
[root@localhost html]# ls
50x.html tupian.png index.html
修改站点首页内容
[root@localhost html]# vim index.html
Welcome to nginx!
//在h1标签下添加图片路径
[root@localhost html]# systemctl stop nginx.service //重启服务
[root@localhost html]# systemctl start nginx.service
[root@localhost html]# systemctl stop firewalld.service //关闭防火墙
[root@localhost html]# setenforce 0 //关闭增强型安全功能
Nginx版本隐藏
隐藏版本号
[root@localhost init.d]# curl -I http://192.168.131.133/ //查看Nginx信息
HTTP/1.1 200 OK
Server: nginx/1.12.2 //显示版本号
Date: Tue, 12 Nov 2019 14:23:24 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 12 Nov 2019 13:46:35 GMT
Connection: keep-alive
ETag: "5dcab7bb-264"
Accept-Ranges: bytes
[root@localhost init.d]# vim /usr/local/nginx/conf/nginx.conf ##修改配置文件
http { //在http下添加
include mime.types;
default_type application/octet-stream;
server_tokens off; //关闭版本号
[root@localhost init.d]# service nginx stop //关闭服务
[root@localhost init.d]# service nginx start //开启服务
[root@localhost init.d]# curl -I http://192.168.131.133/ //查看Nginx信息
HTTP/1.1 200 OK
Server: nginx //版本号被隐藏
Date: Tue, 12 Nov 2019 14:22:00 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 12 Nov 2019 13:46:35 GMT
Connection: keep-alive
ETag: "5dcab7bb-264"
Accept-Ranges: bytes
伪造版本号
[root@localhost init.d]# vim /usr/local/nginx/conf/nginx.conf
http {
include mime.types;
default_type application/octet-stream;
server_tokens on; //开启版本号
[root@localhost init.d]# cd /opt/nginx-1.12.2/src/core/ //切换到src源码包目录
[root@localhost core]# vim nginx.h //进入配置文件
#define NGINX_VERSION "1.1.1" //此处版本号伪造成1.1.1
[root@localhost core]# cd /opt/nginx-1.12.2/ //切换目录到Nginx下
[root@localhost nginx-1.12.2]# ./configure \ //重新配置
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-http_stub_status_module
[root@localhost nginx-1.12.0]# make && make install //重新编译及安装
[root@localhost nginx-1.12.2]# service nginx stop //重启服务
[root@localhost nginx-1.12.2]# service nginx start
[root@localhost nginx-1.12.2]# curl -I http://192.168.131.133/ //查看Nginx信息
HTTP/1.1 200 OK
Server: nginx/1.1.1 //此时的版本号就是伪造的版本号
Date: Tue, 12 Nov 2019 14:34:02 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 12 Nov 2019 13:46:35 GMT
Connection: keep-alive
ETag: "5dcab7bb-264"
Accept-Ranges: bytes