# You may add here your # server { # ... # } # statements for each of your virtual hosts to this file ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # http://wiki.nginx.org/Pitfalls # http://wiki.nginx.org/QuickStart # http://wiki.nginx.org/Configuration # # Generally, you will want to move this file somewhere, and start with a clean # file but keep this around for reference. Or just disable in sites-enabled. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## server { listen 80 default_server; listen [::]:80 default_server ipv6only=on; root /www/maple/leon; index index.php index.html index.htm; # Make site accessible from http://localhost/ server_name localhost; # location / { # First attempt to serve request as file, then # # as directory, then fall back to displaying a 404. # try_files $uri $uri/ =404; # Uncomment to enable naxsi on this location # include /etc/nginx/naxsi.rules # } # Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests #location /RequestDenied { # proxy_pass http://127.0.0.1:8080; #} #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # #error_page 500 502 503 504 /50x.html; #location = /50x.html { # root /usr/share/nginx/html; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # fastcgi_split_path_info ^(.+\.php)(/.+)$; # # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini # With php5-cgi alone: # fastcgi_pass 127.0.0.1:9000; # With php5-fpm: # fastcgi_pass unix:/var/run/php5-fpm.sock; # fastcgi_index index.php; # include fastcgi_params; #} location ~ .php$ { try_files $uri =404; #增加 fastcgi_split_path_info ^(.+.php)(/.+)$; #反注释 ## NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini # ## With php5-cgi alone: # fastcgi_pass 127.0.0.1:9000; ## With php5-fpm: fastcgi_pass unix:/var/run/php5-fpm.sock; #反注释 fastcgi_index index.php; #反注释 include fastcgi_params; #反注释 } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # root html; # index index.html index.htm; # # location / { # try_files $uri $uri/ =404; # } #} # HTTPS server # #server { # listen 443; # server_name localhost; # # root html; # index index.html index.htm; # # ssl on; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # # ssl_session_timeout 5m; # # ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; # ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES"; # ssl_prefer_server_ciphers on; # # location / { # try_files $uri $uri/ =404; # } #} server { listen 80; server_name www.wechat.me; # set $root_path '/www/maple/leon/1/weixin/phalcon/wechat/public'; set $root_path '/www/maple/leon/1/weixin/phalcon/wechat/public'; root $root_path; access_log /var/log/nginx/$host-access.log; error_log /var/log/nginx/$host-error.log error; index index.php index.html index.htm; try_files $uri $uri/ @rewrite; location @rewrite { rewrite ^/(.*)$ /index.php?_url=/$1; } location ~ \.php { # try_files $uri =404; fastcgi_index /index.php; fastcgi_pass unix:/var/run/php5-fpm.sock; include fastcgi_params; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } location ~* ^/(css|img|js|flv|swf|download)/(.+)$ { root $root_path; } location ~ /\.ht { deny all; } }
# You may add here your # server { # ... # } # statements for each of your virtual hosts to this file ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # http://wiki.nginx.org/Pitfalls # http://wiki.nginx.org/QuickStart # http://wiki.nginx.org/Configuration # # Generally, you will want to move this file somewhere, and start with a clean # file but keep this around for reference. Or just disable in sites-enabled. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## server { listen 8089 default_server; listen [::]:8089 default_server ipv6only=on; root /usr/share/nginx/html; index index.html index.htm; # Make site accessible from http://localhost/ server_name www.kaotatest.com; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # Uncomment to enable naxsi on this location # include /etc/nginx/naxsi.rules } # Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests #location /RequestDenied { # proxy_pass http://127.0.0.1:8080; #} #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # #error_page 500 502 503 504 /50x.html; #location = /50x.html { # root /usr/share/nginx/html; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini # With php5-cgi alone: fastcgi_pass 127.0.0.1:9000; # With php5-fpm: #fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; include fastcgi_params; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } server { listen 8080 default_server; listen [::]:8080 default_server ipv6only=on; # [改] 网站的域名 server_name www.kaotatest.com; # [改] 程序的安装路径 root /home/zh/project/98809/ecomm/src; # [改] 日志路径 access_log /var/log/nginx/ecomm.access.log; error_log /var/log/nginx/ecomm.error.log; location / { index index.php; } # 配置设置图片格式文件 location ~* \.(jpg|jpeg|gif|png|ico|swf)$ { # 过期时间为3年 expires 3y; # 关闭日志记录 access_log off; # 关闭gzip压缩,减少CPU消耗,因为图片的压缩率不高。 gzip off; } # 配置css/js文件 location ~* \.(css|js)$ { access_log off; expires 3y; } # 禁止用户上传目录下所有.php文件的访问,提高安全性 location ~ ^/files/.*\.(php|php5)$ { deny all; } # 以下配置允许运行.php的程序,方便于其他第三方系统的集成。 location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } server { listen 8080; # [改] 网站的域名 server_name lms.kaotatest.com; # [改] 程序的安装路径 root /home/zh/project/98809/lms/web; # [改] 日志路径 access_log /var/log/nginx/lms.access.log; error_log /var/log/nginx/lms.error.log; location / { index app.php; try_files $uri @rewriteapp; } location @rewriteapp { rewrite ^(.*)$ /app.php/$1 last; } location ~ ^/udisk { internal; # [改] 请根据程序的实际安装路径修改。该目录下存放的是私有的文件课时的视频、音频等。 root /home/zh/project/98809/lms/app/data/; } location ~ ^/(app|app_dev)\.php(/|$) { # [改] 请根据实际php-fpm运行的方式修改 fastcgi_pass 127.0.0.1:9000; fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param HTTPS off; fastcgi_param HTTP_X-Sendfile-Type X-Accel-Redirect; # [改] 请根据程序的实际安装路径修改。该目录下存放的是私有的文件。 fastcgi_param HTTP_X-Accel-Mapping /udisk=/home/zh/project/98809/lms/app/data/udisk; fastcgi_buffer_size 128k; fastcgi_buffers 8 128k; } # 配置设置图片格式文件 location ~* \.(jpg|jpeg|gif|png|ico|swf)$ { # 过期时间为3年 expires 3y; # 关闭日志记录 access_log off; # 关闭gzip压缩,减少CPU消耗,因为图片的压缩率不高。 gzip off; } # 配置css/js文件 location ~* \.(css|js)$ { access_log off; expires 3y; } # 禁止用户上传目录下所有.php文件的访问,提高安全性 location ~ ^/files/.*\.(php|php5)$ { deny all; } # 以下配置允许运行.php的程序,方便于其他第三方系统的集成。 location ~ \.php$ { # [改] 请根据实际php-fpm运行的方式修改 fastcgi_pass 127.0.0.1:9000; fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param HTTPS off; } } server { listen 8080; # [改] 网站的域名 server_name ask.kaotatest.com; # [改] 程序的安装路径 root /home/zh/project/98809/lms/web; # [改] 日志路径 access_log /var/log/nginx/lms.access.log; error_log /var/log/nginx/lms.error.log; location / { index app.php; try_files $uri @rewriteapp; } location @rewriteapp { rewrite ^(.*)$ /app.php/$1 last; } location ~ ^/udisk { internal; # [改] 请根据程序的实际安装路径修改。该目录下存放的是私有的文件课时的视频、音频等。 root /home/zh/project/98809/lms/app/data/; } location ~ ^/(app|app_dev)\.php(/|$) { # [改] 请根据实际php-fpm运行的方式修改 fastcgi_pass 127.0.0.1:9000; fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param HTTPS off; fastcgi_param HTTP_X-Sendfile-Type X-Accel-Redirect; # [改] 请根据程序的实际安装路径修改。该目录下存放的是私有的文件。 fastcgi_param HTTP_X-Accel-Mapping /udisk=/home/zh/project/98809/lms/app/data/udisk; fastcgi_buffer_size 128k; fastcgi_buffers 8 128k; } # 配置设置图片格式文件 location ~* \.(jpg|jpeg|gif|png|ico|swf)$ { # 过期时间为3年 expires 3y; # 关闭日志记录 access_log off; # 关闭gzip压缩,减少CPU消耗,因为图片的压缩率不高。 gzip off; } # 配置css/js文件 location ~* \.(css|js)$ { access_log off; expires 3y; } # 禁止用户上传目录下所有.php文件的访问,提高安全性 location ~ ^/files/.*\.(php|php5)$ { deny all; } # 以下配置允许运行.php的程序,方便于其他第三方系统的集成。 location ~ \.php$ { # [改] 请根据实际php-fpm运行的方式修改 fastcgi_pass 127.0.0.1:9000; fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param HTTPS off; } } server { listen 8080; # [改] 网站的域名 server_name ucenter.kaotatest.com; # [改] 程序的安装路径 root /home/zh/project/UCenter_1.6.0_SC_UTF8/upload; # [改] 日志路径 access_log /var/log/nginx/ucenter.access.log; error_log /var/log/nginx/ucenter.error.log; location / { index index.php; } # 配置设置图片格式文件 location ~* \.(jpg|jpeg|gif|png|ico|swf)$ { # 过期时间为3年 expires 3y; # 关闭日志记录 access_log off; # 关闭gzip压缩,减少CPU消耗,因为图片的压缩率不高。 gzip off; } # 配置css/js文件 location ~* \.(css|js)$ { access_log off; expires 3y; } # 禁止用户上传目录下所有.php文件的访问,提高安全性 location ~ ^/files/.*\.(php|php5)$ { deny all; } # 以下配置允许运行.php的程序,方便于其他第三方系统的集成。 location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } server { listen 8080; server_name composer.internal.com; location / { proxy_pass http://localhost:9004; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } server { listen 9005; # [改] 网站的域名 server_name localhost; # [改] 程序的安装路径 root /home/zh/project/98809/tiku_migration/web; # [改] 日志路径 access_log /var/log/nginx/tiku_migration.access.log; error_log /var/log/nginx/tiku_migration.error.log; location / { index app.php; try_files $uri @rewriteapp; } location @rewriteapp { rewrite ^(.*)$ /app.php/$1 last; } location ~ ^/udisk { internal; # [改] 请根据程序的实际安装路径修改。该目录下存放的是私有的文件课时的视频、音频等。 root /home/zh/project/tiku_migration/app/data/; } location ~ ^/(app|app_dev)\.php(/|$) { # [改] 请根据实际php-fpm运行的方式修改 fastcgi_pass 127.0.0.1:9000; fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param HTTPS off; fastcgi_param HTTP_X-Sendfile-Type X-Accel-Redirect; # [改] 请根据程序的实际安装路径修改。该目录下存放的是私有的文件。 fastcgi_param HTTP_X-Accel-Mapping /udisk=/home/zh/project/tiku_migration/app/data/udisk; fastcgi_buffer_size 128k; fastcgi_buffers 8 128k; } # 配置设置图片格式文件 location ~* \.(jpg|jpeg|gif|png|ico|swf)$ { # 过期时间为3年 expires 3y; # 关闭日志记录 access_log off; # 关闭gzip压缩,减少CPU消耗,因为图片的压缩率不高。 gzip off; } # 配置css/js文件 location ~* \.(css|js)$ { access_log off; expires 3y; } # 禁止用户上传目录下所有.php文件的访问,提高安全性 location ~ ^/files/.*\.(php|php5)$ { deny all; } # 以下配置允许运行.php的程序,方便于其他第三方系统的集成。 location ~ \.php$ { # [改] 请根据实际php-fpm运行的方式修改 fastcgi_pass 127.0.0.1:9000; fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param HTTPS off; } } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # root html; # index index.html index.htm; # # location / { # try_files $uri $uri/ =404; # } #} # HTTPS server # #server { # listen 443; # server_name localhost; # # root html; # index index.html index.htm; # # ssl on; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # # ssl_session_timeout 5m; # # ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; # ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES"; # ssl_prefer_server_ciphers on; # # location / { # try_files $uri $uri/ =404; # } #}
2015-4-29
测试nginx配置
#设定虚拟主机配置 server { #侦听80端口 listen 80; #定义使用 www.nginx.cn访问 server_name www.leon.react.com; #定义服务器的默认网站根目录位置 root /Users/kaota002/helinfeng/React; #设定本虚拟主机的访问日志 access_log /usr/local/var/log/nginx/react_access.log main; error_log /usr/local/var/log/nginx/react_error.log; #默认请求 location / { #定义首页索引文件的名称 index index.php index.html index.htm; } # 定义错误提示页面 error_page 500 502 503 504 /50x.html; location = /50x.html { } #静态文件,nginx自己处理 location ~ ^/(images|javascript|js|css|flash|media|static)/ { #过期30天,静态文件不怎么更新,过期可以设大一点, #如果频繁更新,则可以设置得小一点。 expires 30d; } #PHP 脚本请求全部转发到 FastCGI处理. 使用FastCGI默认配置. location ~ .php$ { fastcgi_pass 127.0.0.1:9001; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } #禁止访问 .htxxx 文件 location ~ /.ht { deny all; } }
#运行用户 user nobody; #启动进程,通常设置成和cpu的数量相等 worker_processes 1; #全局错误日志及PID文件 #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; #工作模式及连接数上限 events { #epoll是多路复用IO(I/O Multiplexing)中的一种方式, #仅用于linux2.6以上内核,可以大大提高nginx的性能 use epoll; #单个后台worker process进程的最大并发链接数 worker_connections 1024; # 并发总数是 worker_processes 和 worker_connections 的乘积 # 即 max_clients = worker_processes * worker_connections # 在设置了反向代理的情况下,max_clients = worker_processes * worker_connections / 4 为什么 # 为什么上面反向代理要除以4,应该说是一个经验值 # 根据以上条件,正常情况下的Nginx Server可以应付的最大连接数为:4 * 8000 = 32000 # worker_connections 值的设置跟物理内存大小有关 # 因为并发受IO约束,max_clients的值须小于系统可以打开的最大文件数 # 而系统可以打开的最大文件数和内存大小成正比,一般1GB内存的机器上可以打开的文件数大约是10万左右 # 我们来看看360M内存的VPS可以打开的文件句柄数是多少: # $ cat /proc/sys/fs/file-max # 输出 34336 # 32000 < 34336,即并发连接总数小于系统可以打开的文件句柄总数,这样就在操作系统可以承受的范围之内 # 所以,worker_connections 的值需根据 worker_processes 进程数目和系统可以打开的最大文件总数进行适当地进行设置 # 使得并发总数小于操作系统可以打开的最大文件数目 # 其实质也就是根据主机的物理CPU和内存进行配置 # 当然,理论上的并发总数可能会和实际有所偏差,因为主机还有其他的工作进程需要消耗系统资源。 # ulimit -SHn 65535 } http { #设定mime类型,类型由mime.type文件定义 include mime.types; default_type application/octet-stream; #设定日志格式 log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log logs/access.log main; #sendfile 指令指定 nginx 是否调用 sendfile 函数(zero copy 方式)来输出文件, #对于普通应用,必须设为 on, #如果用来进行下载等应用磁盘IO重负载应用,可设置为 off, #以平衡磁盘与网络I/O处理速度,降低系统的uptime. sendfile on; #tcp_nopush on; #连接超时时间 #keepalive_timeout 0; keepalive_timeout 65; tcp_nodelay on; #开启gzip压缩 gzip on; gzip_disable "MSIE [1-6]."; #设定请求缓冲 client_header_buffer_size 128k; large_client_header_buffers 4 128k; #设定虚拟主机配置 server { #侦听80端口 listen 80; #定义使用 www.nginx.cn访问 server_name www.nginx.cn; #定义服务器的默认网站根目录位置 root html; #设定本虚拟主机的访问日志 access_log logs/nginx.access.log main; #默认请求 location / { #定义首页索引文件的名称 index index.php index.html index.htm; } # 定义错误提示页面 error_page 500 502 503 504 /50x.html; location = /50x.html { } #静态文件,nginx自己处理 location ~ ^/(images|javascript|js|css|flash|media|static)/ { #过期30天,静态文件不怎么更新,过期可以设大一点, #如果频繁更新,则可以设置得小一点。 expires 30d; } #PHP 脚本请求全部转发到 FastCGI处理. 使用FastCGI默认配置. location ~ .php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } #禁止访问 .htxxx 文件 location ~ /.ht { deny all; } } }