day 45期中架构-Nginx-web应用深入
Nginx软件之所以强大,是因为它具有众多的功能模块,下面列出了企业常用的重要模块。
1)Nginx模块功能化:
模块化就是:耦合度更低,易于管理。工作中做事要学会低耦合。
SQA架构,RPC服务都属于低耦合的技术模式。
2)虚拟主机分类介绍:
1.基于域名的虚拟主机:
意思就是通过不同的域名区分不同的虚拟主机,基于域名的虚拟主机是企业应用最广的虚拟主机类型,几乎所有对外提供服务的网站使用的都是基于域名的虚拟主机
2.基于端口的虚拟主机:
意思就是通过不同的端口来区分不同的虚拟主机,此类虚拟主机对应的企业应用主要为公司的内部网站
3.基于IP的虚拟主机:
意思就是通过不同的IP来区分不同的虚拟主机,此类虚拟主机对应的企业应用非常少见。一般不同的业务需要使用多IP的场景都会在负载均衡器上进行VIP绑定,而不是在web上绑定IP来区分不同的虚拟主机。
3)虚拟主机的概念:
所谓虚拟主机,在web服务里就是一个独立的网站站点,这个站点对应独立的域名(也可能是IP或端口),具有独立的程序及资源目录,可以独立的对外提供服务供用户访问。
4)实践基于域名的虚拟主机
[root@web02 ~]# cd /application/nginx/conf/
[root@web02 /application/nginx/conf]# egrep -v "^$|#" nginx.conf.default >nginx.conf
[root@web02 /application/nginx/conf]# cat -n nginx.conf
1 worker_processes 1; #---worker 进程的数量
2 events { #---事件区块开始
3 worker_connections 1024; #----每个worker进程支持的最大的连接数
4 } #----事件区块结束
5 http { #----Http区块开始
6 include mime.types; #----Nginx支持的媒体类型库文件包含
7 default_type application/octet-stream; #----默认的媒体类型
8 sendfile on; #----开启高效传输模式
9 keepalive_timeout 65; #----连接超时
10 server { #----第一个Server区块开始
11 listen 80; #----提供服务的端口,默认80
12 server_name localhost; #----提供服务的域名主机名
13 location / { #----第一个Location区块开始
14 root html; #----站点的根目录,相对于nginx安装目录
15 index index.html index.htm;#----没人带首页文件,多个用空格分开
16 }
17 error_page 500 502 503 504 /50x.html; #----出现对应的http状态码时,使用50x.html回应客户
18 location = /50x.html { #----Location区块开始,访问50x.html
19 root html; #----指定对应的站点目录为html
20 } #----Location区块结束
21 } #----server区块结束
22 } #----http区块结束
1 worker_processes 1;
2 events {
3 worker_connections 1024;
4 }
5 http {
6 include mime.types;
7 default_type application/octet-stream;
8 sendfile on;
9 keepalive_timeout 65;
10 server {
11 listen 80;
12 server_name localhost;
13 location / {
14 root html;
15 index index.html index.htm;
16 }
17 error_page 500 502 503 504 /50x.html;
18 location = /50x.html {
19 root html;
20 }
21 }
22 }
[root@web02 /application/nginx/conf]# cat -n nginx.conf
1 worker_processes 1;
2 events {
3 worker_connections 1024;
4 }
5 http {
6 include mime.types;
7 default_type application/octet-stream;
8 sendfile on;
9 keepalive_timeout 65;
10 server {
11 listen 80;
12 server_name www.etiantian.org;
13 location / {
14 root html/www;
15 index index.html index.htm;
16 }
17 }
18 }
[root@web02 /application/nginx/conf]# mkdir ../html/www
[root@web02 /application/nginx/conf]# echo "www.etiantian.org" >../html/www/index.html
[root@web02 /application/nginx/conf]# cat ../html/www/index.html
www.etiantian.org
[root@web02 /application/nginx/conf]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5 lb01
172.16.1.6 lb02
172.16.1.7 web01
172.16.1.8 web02
172.16.1.9 web03
172.16.1.31 nfs01
172.16.1.41 backup
172.16.1.51 db01 db01.etiantian.org
172.16.1.61 m01
[root@web02 /application/nginx/conf]# echo "10.0.0.8 www.etiantian.org" >>/etc/hosts
[root@web02 /application/nginx/conf]# tail -1 /etc/hosts
10.0.0.8 www.etiantian.org
[root@web02 /application/nginx/conf]# ping www.etiantian.org
PING www.etiantian.org (10.0.0.8) 56(84) bytes of data.
64 bytes from www.etiantian.org (10.0.0.8): icmp_seq=1 ttl=64 time=0.050 ms
[root@web02 /application/nginx/conf]# echo 'PATH="/application/nginx/sbin:$PATH"' >>/etc/profile
[root@web02 /application/nginx/conf]# . /etc/profile
[root@web02 /application/nginx/conf]# echo $PATH
/application/nginx/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
[root@web02 /application/nginx/conf]# /application/nginx/sbin/nginx ^C
[root@web02 /application/nginx/conf]# nginx -t
nginx: the configuration file /application/nginx-1.16.0//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.16.0//conf/nginx.conf test is successful
[root@web02 /application/nginx/conf]# nginx -s reload
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]# curl www.etiantian.org
www.etiantian.org
WINDOWS下测试:
C:\Windows\System32\drivers\etc\hosts
10.0.0.8 www.etiantian.org
[root@web02 /application/nginx/conf]# cat -n nginx.conf
1 worker_processes 1;
2 events {
3 worker_connections 1024;
4 }
5 http {
6 include mime.types;
7 default_type application/octet-stream;
8 sendfile on;
9 keepalive_timeout 65;
10 server {
11 listen 80;
12 server_name www.etiantian.org;
13 location / {
14 root html/www;
15 index index.html index.htm;
16 }
17 }
18 server {
19 listen 80;
20 server_name bbs.etiantian.org;
21 location / {
22 root html/bbs;
23 index index.html index.htm;
24 }
25 }
26 server {
27 listen 80;
28 server_name blog.etiantian.org;
▽ 29 location / {
30 root html/blog;
31 index index.html index.htm;
32 }
33 }
34 }
[root@web02 /application/nginx/conf]# mkdir ../html/{bbs,blog}
[root@web02 /application/nginx/conf]# echo "bbs.etiantian.org" >../html/bbs/index.html
[root@web02 /application/nginx/conf]# echo "blog.etiantian.org" >../html/blog/index.html
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]# cat ../html/blog/index.html
blog.etiantian.org
[root@web02 /application/nginx/conf]# cat ../html/bbs/index.html
bbs.etiantian.org
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]# nginx -t
nginx: the configuration file /application/nginx-1.16.0//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.16.0//conf/nginx.conf test is successful
[root@web02 /application/nginx/conf]# nginx -s reload
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5 lb01
172.16.1.6 lb02
172.16.1.7 web01
172.16.1.8 web02
172.16.1.9 web03
172.16.1.31 nfs01
172.16.1.41 backup
172.16.1.51 db01 db01.etiantian.org
172.16.1.61 m01
10.0.0.8 www.etiantian.org bbs.etiantian.org blog.etiantian.org
~
"/etc/hosts" 12L, 396C 已写入
[root@web02 /application/nginx/conf]# ping bbs.etiantian.org
PING www.etiantian.org (10.0.0.8) 56(84) bytes of data.
64 bytes from www.etiantian.org (10.0.0.8): icmp_seq=1 ttl=64 time=0.022 ms
64 bytes from www.etiantian.org (10.0.0.8): icmp_seq=2 ttl=64 time=0.056 ms
^C
--- www.etiantian.org ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.022/0.039/0.056/0.017 ms
[root@web02 /application/nginx/conf]# ping blog.etiantian.org
PING www.etiantian.org (10.0.0.8) 56(84) bytes of data.
64 bytes from www.etiantian.org (10.0.0.8): icmp_seq=1 ttl=64 time=0.228 ms
64 bytes from www.etiantian.org (10.0.0.8): icmp_seq=2 ttl=64 time=0.029 ms
^C
--- www.etiantian.org ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.029/0.128/0.228/0.100 ms
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]# curl www.etiantian.org
www.etiantian.org
[root@web02 /application/nginx/conf]# curl bbs.etiantian.org
bbs.etiantian.org
[root@web02 /application/nginx/conf]# curl blog.etiantian.org
blog.etiantian.org
基于端口虚拟主机实践:
[root@web02 ~]# cd /application/nginx/conf/
[root@web02 /application/nginx/conf]# cp nginx.conf{,_BaseName}
[root@web02 /application/nginx/conf]# ls
fastcgi.conf index.html mime.types.default scgi_params win-utf
fastcgi.conf.default koi-utf nginx.conf scgi_params.default
fastcgi_params koi-win nginx.conf_BaseName uwsgi_params
fastcgi_params.default mime.types nginx.conf.default uwsgi_params.default
[root@web02 /application/nginx/conf]# vim nginx.conf
[root@web02 /application/nginx/conf]# vim nginx.conf
keepalive_timeout 65;
server {
listen 80;
server_name www.etiantian.org;
location / {
root html/www;
index index.html index.htm;
}
}
server {
listen 81;
server_name bbs.etiantian.org;
location / {
root html/bbs;
index index.html index.htm;
}
}
server {
listen 82;
server_name blog.etiantian.org;
"nginx.conf" 34L, 753C 已写入
[root@web02 /application/nginx/conf]# netstat -lntup|grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 14322/nginx: master
[root@web02 /application/nginx/conf]# nginx -t
nginx: the configuration file /application/nginx-1.16.0//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.16.0//conf/nginx.conf test is successful
[root@web02 /application/nginx/conf]# nginx -s reload
[root@web02 /application/nginx/conf]# netstat -lntup|grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 14322/nginx: master
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 14322/nginx: master
tcp 0 0 0.0.0.0:82 0.0.0.0:* LISTEN 14322/nginx: master
[root@web02 /application/nginx/conf]# curl www.etiantian.org
www.etiantian.org
[root@web02 /application/nginx/conf]# curl bbs.etiantian.org:81
bbs.etiantian.org
[root@web02 /application/nginx/conf]# curl bbs.etiantian.org
www.etiantian.org
[root@web02 /application/nginx/conf]# curl blog.etiantian.org:82
blog.etiantian.org
[root@web02 /application/nginx/conf]# curl blog.etiantian.org
www.etiantian.org
1)浏览器输入www.etiantian.org
2)找LDNS-授权DNS获取到IP。
3)请求服务器发起三次握手。
4)建立http请求。
(10.0.0.8 80)
5)发起HTTP请求报文。
(4)先匹配请求的端口。
(5)然后匹配Server标签域名
(6)把对应域名下面站点目录
下的首页文件发给客户端。
(7)如果没有匹配的域名,
就把第一个虚拟机
主机发给客户端
基于IP的虚拟主机:
[root@web02 ~]# ip addr add 10.0.0.9 dev eth0 label eth0:9
[root@web02 ~]# ip addr add 10.0.0.10 dev eth0 label eth0:10
[root@web02 ~]# ifconfig
eth0: flags=4163
inet 10.0.0.8 netmask 255.255.255.0 broadcast 10.0.0.255
inet6 fe80::20c:29ff:fe12:170c prefixlen 64 scopeid 0x20
ether 00:0c:29:12:17:0c txqueuelen 1000 (Ethernet)
RX packets 21765 bytes 18029629 (17.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 12171 bytes 1426129 (1.3 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0:9: flags=4163
inet 10.0.0.9 netmask 255.255.255.255 broadcast 0.0.0.0
ether 00:0c:29:12:17:0c txqueuelen 1000 (Ethernet)
eth0:10: flags=4163
inet 10.0.0.10 netmask 255.255.255.255 broadcast 0.0.0.0
[root@web02 /application/nginx/conf]# cat -n nginx.conf
1 worker_processes 1;
2 events {
3 worker_connections 1024;
4 }
5 http {
6 include mime.types;
7 default_type application/octet-stream;
8 sendfile on;
9 keepalive_timeout 65;
10 server {
11 listen 10.0.0.8:80;
12 server_name www.etiantian.org;
13 location / {
14 root html/www;
15 index index.html index.htm;
16 }
17 }
18 server {
19 listen 10.0.0.9:80;
20 server_name bbs.etiantian.org;
21 location / {
22 root html/bbs;
23 index index.html index.htm;
24 }
25 }
26 server {
27 listen 10.0.0.10:80;
28 server_name blog.etiantian.org;
29 location / {
30 root html/blog;
31 index index.html index.htm;
32 }
33 }
34 }
[root@web02 /application/nginx/conf]# nginx -t
nginx: the configuration file /application/nginx-1.16.0//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.16.0//conf/nginx.conf test is successful
[root@web02 /application/nginx/conf]# nginx -s reload
[root@web02 /application/nginx/conf]# netstat -lntup|grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 14322/nginx: master
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 14322/nginx: master
tcp 0 0 0.0.0.0:82 0.0.0.0:* LISTEN 14322/nginx: master
[root@web02 /application/nginx/conf]# nginx -s stop
[root@web02 /application/nginx/conf]# nginx
[root@web02 /application/nginx/conf]# netstat -lntup|grep nginx
tcp 0 0 10.0.0.10:80 0.0.0.0:* LISTEN 14967/nginx: master
tcp 0 0 10.0.0.9:80 0.0.0.0:* LISTEN 14967/nginx: master
tcp 0 0 10.0.0.8:80 0.0.0.0:* LISTEN 14967/nginx: master
[root@web02 /application/nginx/conf]# curl 10.0.0.8
www.etiantian.org
[root@web02 /application/nginx/conf]# curl 10.0.0.9
bbs.etiantian.org
[root@web02 /application/nginx/conf]# curl 10.0.0.10
blog.etiantian.org
一:什么是恶意域名解析
一般情况下,要使域名能访问到网站需要两步,第一步,将域名解析到网站所在的主机,第二步,在web服务器中将域名与相应的网站绑定。但是,如果通过主机IP能直接访问某网站,那么把域名解析到这个IP也将能访问到该网站,而无需在主机上绑定,也就是说任何人将任何域名解析到这个IP就能访问到这个网站。
二:恶意域名解析的危害
可能您并不介意通过别人的域名访问到您的网站,但是如果这个域名是未备案域名呢?
假如那域名是不友善的域名,比如曾经指向非法网站,容易引发搜索引擎惩罚,连带IP受到牵连。即使域名没什么问题,但流量也会被劫持到别的域名,从而遭到广告联盟的封杀。
三;如何防止,配置里第一个标签如下配置
server{
listen 80;
server_name _default;
return 500;
}
优化nginx配置文件:
[root@web02 /application/nginx/conf]# mkdir extra
[root@web02 /application/nginx/conf]# sed -n '10,17p' nginx.conf
server {
listen 80;
server_name www.etiantian.org;
location / {
root html/www;
index index.html index.htm;
}
}
[root@web02 /application/nginx/conf]# sed -n '10,17p' nginx.conf >extra/01_www.conf
[root@web02 /application/nginx/conf]# sed -n '18,25p' nginx.conf
server {
listen 80;
server_name bbs.etiantian.org;
location / {
root html/bbs;
index index.html index.htm;
}
}
[root@web02 /application/nginx/conf]# sed -n '18,25p' nginx.conf >extra/02_bbs.conf
[root@web02 /application/nginx/conf]# sed -n '26,33p' nginx.conf
server {
listen 80;
server_name blog.etiantian.org;
location / {
root html/blog;
index index.html index.htm;
}
}
[root@web02 /application/nginx/conf]# sed -n '26,33p' nginx.conf >extra/03_blog.conf
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]# cd extra/
[root@web02 /application/nginx/conf/extra]# cat 01_www.conf
server {
listen 80;
server_name www.etiantian.org;
location / {
root html/www;
index index.html index.htm;
}
}
[root@web02 /application/nginx/conf/extra]# cat 02_bbs.conf
server {
listen 80;
server_name bbs.etiantian.org;
location / {
root html/bbs;
index index.html index.htm;
}
}
[root@web02 /application/nginx/conf/extra]# cat 03_blog.conf
server {
listen 80;
server_name blog.etiantian.org;
location / {
root html/blog;
index index.html index.htm;
}
}
[root@web02 /application/nginx/conf/extra]#
[root@web02 /application/nginx/conf/extra]# cd ../
[root@web02 /application/nginx/conf]# sed -n '10,33p' nginx.conf
server {
listen 80;
server_name www.etiantian.org;
location / {
root html/www;
index index.html index.htm;
}
}
server {
listen 80;
server_name bbs.etiantian.org;
location / {
root html/bbs;
index index.html index.htm;
}
}
server {
listen 80;
server_name blog.etiantian.org;
location / {
root html/blog;
index index.html index.htm;
}
}
[root@web02 /application/nginx/conf]# sed -i '10,33d' nginx.conf
[root@web02 /application/nginx/conf]# sed -i '10 i include extra/01_www.conf;\ninclude extra/02_bbs.conf;\ninclude extra/03_blog.conf;' nginx.conf
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]# cat nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
include extra/01_www.conf;
include extra/02_bbs.conf;
include extra/03_blog.conf;
}
[root@web02 /application/nginx/conf]# nginx -t
nginx: the configuration file /application/nginx-1.16.0//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.16.0//conf/nginx.conf test is successful
[root@web02 /application/nginx/conf]# nginx -s reload
[root@web02 /application/nginx/conf]# curl www.etiantian.org
www.etiantian.org
[root@web02 /application/nginx/conf]# curl bbs.etiantian.org
bbs.etiantian.org
[root@web02 /application/nginx/conf]# curl blog.etiantian.org
blog.etiantian.org
别名:一个名字以外的另一名字
www.etiantian.org
etiantian.org
[root@web02 /application/nginx/conf]# cat extra/01_www.conf
server {
listen 80;
server_name www.etiantian.org etiantian.org;
location / {
root html/www;
index index.html index.htm;
}
}
[root@web02 /application/nginx/conf]# nginx -v
nginx version: nginx/1.16.0
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]#
[root@web02 /application/nginx/conf]# nginx -V
nginx version: nginx/1.16.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --user=www --group=www --prefix=/application/nginx-1.16.0/ --with-http_stub_status_module --with-http_ssl_module --with-pcre
[root@web02 /application/nginx/conf]# cat extra/04_status.conf
#status
server{
listen 80;
server_name status.etiantian.org;
location / {
stub_status on;
access_log off;
}
}
10.0.0.8 www.etiantian.org bbs.etiantian.org blog.etiantian.org status.etiantian.org
错误日志:
[root@web02 /application/nginx/conf/extra]# cat 01_www.conf
server {
listen 80;
server_name www.etiantian.org etiantian.org;
location / {
root html/www;
index index.html index.htm;
}
access_log logs/access_www.log main;
}
[root@web02 /application/nginx/conf]# vim nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
include extra/01_www.conf;
include extra/02_bbs.conf;
include extra/03_blog.conf;
}
[root@web02 /application/nginx/conf]# nginx -s reload
[root@web02 /application/nginx/conf]# cd ..
[root@web02 /application/nginx]# cd logs/
[root@web02 /application/nginx/logs]# ll
总用量 24
-rw-r--r-- 1 root root 1533 5月 5 17:45 access.log
-rw-r--r-- 1 root root 0 5月 5 17:52 access_www.log
-rw-r--r-- 1 root root 12888 5月 5 17:52 error.log
-rw-r--r-- 1 root root 5 5月 5 12:27 nginx.pid
[root@web02 /application/nginx/logs]# curl bbs.etiantian.org
bbs.etiantian.org
[root@web02 /application/nginx/logs]# ll
总用量 24
-rw-r--r-- 1 root root 1617 5月 5 17:53 access.log
-rw-r--r-- 1 root root 0 5月 5 17:52 access_www.log
-rw-r--r-- 1 root root 12888 5月 5 17:52 error.log
-rw-r--r-- 1 root root 5 5月 5 12:27 nginx.pid
[root@web02 /application/nginx/logs]# nginx -s reload
[root@web02 /application/nginx/logs]# ll
总用量 24
-rw-r--r-- 1 root root 1617 5月 5 17:53 access.log
-rw-r--r-- 1 root root 0 5月 5 17:52 access_www.log
-rw-r--r-- 1 root root 12948 5月 5 17:54 error.log
-rw-r--r-- 1 root root 5 5月 5 12:27 nginx.pid
[root@web02 /application/nginx/logs]# cd .
[root@web02 /application/nginx/logs]# cd ..
[root@web02 /application/nginx]# cd conf/
[root@web02 /application/nginx/conf]# cd extra/
[root@web02 /application/nginx/conf/extra]# ll
总用量 12
-rw-r--r-- 1 root root 244 5月 5 17:49 01_www.conf
-rw-r--r-- 1 root root 168 5月 5 12:29 02_bbs.conf
-rw-r--r-- 1 root root 159 5月 5 12:29 03_blog.conf
[root@web02 /application/nginx/conf/extra]# vim 01_www.conf
server {
listen 80;
server_name www.etiantian.org etiantian.org;
▽ location / {
root html/www;
index index.html index.htm;
}
access_log logs/access_www.log main;
}
root@web02 /application/nginx/conf/extra]# vim 02_bbs.conf
server {
listen 80;
server_name bbs.etiantian.org;
▽ location / {
root html/bbs;
index index.html index.htm;
}
access_log logs/access_bbs.log main;
}
[root@web02 /application/nginx/conf/extra]# vim 03_blog.conf
server {
listen 80;
server_name blog.etiantian.org;
location / {
root html/blog;
index index.html index.htm;
}
access_log logs/access_blog.log main;
}
[root@web02 /application/nginx/conf]# vim nginx.conf
worker_processes 1;
error_log logs/error_www.log;
error_log logs/error_blog.log;
error_log logs/error_bbs.log;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
include extra/01_www.conf;
include extra/02_bbs.conf;
include extra/03_blog.conf;
}
[root@web02 /application/nginx/conf]# nginx -t
nginx: the configuration file /application/nginx-1.16.0//conf/nginx.conf syntax is ok
nginx: configuration file /application/nginx-1.16.0//conf/nginx.conf test is successful
[root@web02 /application/nginx/conf]# nginx -s reload
[root@web02 /application/nginx/conf]# curl www.etiantian.org
www.etiantian.org
[root@web02 /application/nginx/conf]# curl bbs.etiantian.org
bbs.etiantian.org
[root@web02 /application/nginx/conf]# curl blog.etiantian.org
blog.etiantian.org
[root@web02 /application/nginx/conf]# nginx -s reload
[root@web02 /application/nginx/conf]# cd ..
[root@web02 /application/nginx]# cd logs/
[root@web02 /application/nginx/logs]# ll
总用量 36
-rw-r--r-- 1 root root 88 5月 5 18:12 access_bbs.log
-rw-r--r-- 1 root root 88 5月 5 18:12 access_blog.log
-rw-r--r-- 1 root root 1617 5月 5 17:53 access.log
-rw-r--r-- 1 root root 88 5月 5 18:12 access_www.log
-rw-r--r-- 1 root root 0 5月 5 18:11 error_bbs.log
-rw-r--r-- 1 root root 0 5月 5 18:11 error_blog.log
-rw-r--r-- 1 root root 13128 5月 5 18:12 error.log
-rw-r--r-- 1 root root 0 5月 5 18:11 error_www.log
-rw-r--r-- 1 root root 5 5月 5 12:27 nginx.pid
下面是官方给出的的location示例,我们通过实例来验证不同的location标签生效的顺序,Nginx的配置文件为:
[root@web02 /application/nginx/conf]# vim extra/01_www.conf
server {
listen 80;
server_name www.etiantian.org etiantian.org;
root html/www;
location / {
return 401;
}
location = / {
return 402;
}
location /documents/ {
return 403;
}
location ^~ /images/ {
return 404;
#匹配任何以/images/开头的任何查询并且停止搜索。任何正则表达式匹配将不会被检查。
#"^~" 这个前缀的作用:在常规的字符串匹配检查之后,不做正则表达式的检查,即如果最明确的那个字
符串匹配的location配置中有此前缀,那么不会做正则表达式的检查。
}
}
location ~* \.(gif|jpg|jpeg)$ {
#匹配任何以 gif、jpg 或 jpeg 结尾的请求。
return 500;
}
access_log logs/access_www.log main gzip buffer=32k flush=5s;
}
检查语法并使得修改的配置生效:
[root@web01 conf]# nginx -t
[root@web01 conf]# nginx -s reload
然后以Linux客户端为例对上述location匹配进行真实测试,配置hosts文件如下。
root@web01 conf]# tail -1 /etc/hosts
10.0.0.7 www.etiantian.org bbs.etiantian.org blog.etiantian.org etiantian.org
实验结果如下:
[root@web01 conf]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.org
402
[root@web01 conf]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.org/
402
[root@web01 conf]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.org/index.html
401
[root@web01 conf]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.org/documents/document.html
403
[root@web01 conf]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.org/images/1.gif
404
[root@web01 conf]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.org/documents/1.jpg
500
[root@web01 conf]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.org/oldboy/
401
[root@web01 conf]# curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.org/abc/
401
301跳转:
[root@web02 /application/nginx/conf/extra]# cat 01_www.conf
server {
listen 80;
server_name etiantian.org;
rewrite ^/(.*) http://www.etiantian.org/$1 permanent;
}
server {
listen 80;
server_name www.etiantian.org;
location / {
root html/www;
index index.html index.htm;
}
access_log logs/access_www.log main;
}
例2:某公司早先只有一个域名www.etiantian.org,因此,将bbs论坛部署到了www.etiantian.org域名下的bbs目录下了,现在想启用bbs.etiantian.org做bbs的域名,需要实现访问http://www.etiantian.org/bbs跳转到http://bbs.etiantian.org。
(1)在etiantian.org下设置Nginx rewrite规则。
[root@web01 extra]# cat 01_www.conf
server {
listen 80;
server_name www.etiantian.org etiantian.org;
location / {
root html/www;
index index.html index.htm;
}
rewrite ^(.*)/bbs/ http://bbs.etiantian.org break;
access_log logs/access_www.log main gzip buffer=32k flush=5s;
}
[root@web01 extra]# cat 02_bbs.conf
server {
listen 80;
server_name bbs.etiantian.org;
location / {
root html/bbs;
index index.html index.htm;
}
}