Nginx安装、默认虚拟主机、Nginx用户认证、Nginx域名重定向

阅读量：6305 次

发布时间：2019-06-22

本文共 11612 字，大约阅读时间需要 38 分钟。

12.6 Nginx安装

安装包下载到/usr/local/src目录

[root@taoyuan ~]# cd /usr/local/src[root@taoyuan src]# wget http://nginx.org/download/nginx-1.12.1.tar.gz

解压压缩包

[root@taoyuan src]# tar zxf nginx-1.12.1.tar.gz[root@taoyuan src]# lsnginx-1.12.1

编译Nginx

[root@taoyuan nginx-1.12.1]# ./configure --prefix=/usr/local/nginx#在此编译过程中没有加相关的参数#需要根据需求加相关的模块[root@taoyuan nginx-1.12.1]# make && make install#在安装之后尽量保留源码包

配置Nginx

#配置文件[root@taoyuan nginx-1.12.1]# ls /usr/local/nginx/conf/fastcgi.conf            koi-utf             nginx.conf           uwsgi_paramsfastcgi.conf.default    koi-win             nginx.conf.default   uwsgi_params.defaultfastcgi_params          mime.types          scgi_params          win-utffastcgi_params.default  mime.types.default  scgi_params.default#样例模板[root@taoyuan nginx-1.12.1]# ls /usr/local/nginx/html/50x.html  index.html #样例#存放日志[root@taoyuan nginx-1.12.1]# ls /usr/local/nginx/logs/#Nginx进程[root@taoyuan nginx-1.12.1]# ls /usr/local/nginx/sbin/nginx#支持参数 # -t 查看配置文件是否有错

配置启动脚本

[root@taoyuan nginx-1.12.1]# vim /etc/init.d/nginx#nginx内容如下#!/bin/bash# chkconfig: - 30 21# description: http service.# Source Function Library. /etc/init.d/functions# Nginx SettingsNGINX_SBIN="/usr/local/nginx/sbin/nginx"NGINX_CONF="/usr/local/nginx/conf/nginx.conf"NGINX_PID="/usr/local/nginx/logs/nginx.pid"RETVAL=0prog="Nginx"start() {    echo -n $"Starting $prog: "    mkdir -p /dev/shm/nginx_temp    daemon $NGINX_SBIN -c $NGINX_CONF    RETVAL=$?    echo    return $RETVAL}stop() {    echo -n $"Stopping $prog: "    killproc -p $NGINX_PID $NGINX_SBIN -TERM    rm -rf /dev/shm/nginx_temp    RETVAL=$?    echo    return $RETVAL}reload(){    echo -n $"Reloading $prog: "    killproc -p $NGINX_PID $NGINX_SBIN -HUP    RETVAL=$?    echo    return $RETVAL}restart(){    stop    start}configtest(){    $NGINX_SBIN -c $NGINX_CONF -t    return 0}case "$1" in  start)        start        ;;  stop)        stop        ;;  reload)        reload        ;;  restart)        restart        ;;  configtest)        configtest        ;;  *)        echo $"Usage: $0 {start|stop|reload|restart|configtest}"        RETVAL=1esacexit $RETVAL

设置权限添加服务

[root@taoyuan nginx-1.12.1]# chmod 755 /etc/init.d/nginx[root@taoyuan nginx-1.12.1]# chkconfig --add nginx[root@taoyuan nginx-1.12.1]# chkconfig nginx on

配置文件

[root@taoyuan nginx-1.12.1]# cd /usr/local/nginx/conf/[root@taoyuan conf]# lsfastcgi.conf            koi-utf             nginx.conf           uwsgi_paramsfastcgi.conf.default    koi-win             nginx.conf.default   uwsgi_params.defaultfastcgi_params          mime.types          scgi_params          win-utffastcgi_params.default  mime.types.default  scgi_params.default#配置文件模板#或创建新的配置文件 备份现有的文件#使用如下的内容user nobody nobody;worker_processes 2;error_log /usr/local/nginx/logs/nginx_error.log crit;pid /usr/local/nginx/logs/nginx.pid;worker_rlimit_nofile 51200;events{    use epoll;    worker_connections 6000;}http{    include mime.types;    default_type application/octet-stream;    server_names_hash_bucket_size 3526;    server_names_hash_max_size 4096;    log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'    ' $host "$request_uri" $status'    ' "$http_referer" "$http_user_agent"';    sendfile on;    tcp_nopush on;    keepalive_timeout 30;    client_header_timeout 3m;    client_body_timeout 3m;    send_timeout 3m;    connection_pool_size 256;    client_header_buffer_size 1k;    large_client_header_buffers 8 4k;    request_pool_size 4k;    output_buffers 4 32k;    postpone_output 1460;    client_max_body_size 10m;    client_body_buffer_size 256k;    client_body_temp_path /usr/local/nginx/client_body_temp;    proxy_temp_path /usr/local/nginx/proxy_temp;    fastcgi_temp_path /usr/local/nginx/fastcgi_temp;    fastcgi_intercept_errors on;    tcp_nodelay on;    gzip on;    gzip_min_length 1k;    gzip_buffers 4 8k;    gzip_comp_level 5;    gzip_http_version 1.1;    gzip_types text/plain application/x-javascript text/css text/htm     application/xml;    server    {        listen 80;        server_name localhost;        index index.html index.htm index.php;        root /usr/local/nginx/html;        location ~ \.php$         {            include fastcgi_params;            fastcgi_pass unix:/tmp/php-fcgi.sock;            fastcgi_index index.php;            fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;        }        }}

检测参数 -t

[root@taoyuan conf]# /usr/local/nginx/sbin/nginx -tnginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is oknginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

启动服务

[root@taoyuan conf]# /etc/init.d/nginx startStarting nginx (via systemctl):                            [  确定  ][root@taoyuan conf]# ps aux |grep nginxroot       6978  0.0  0.0  20496   624 ?        Ss   20:53   0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.confnobody     6979  0.0  0.1  22940  3212 ?        S    20:53   0:00 nginx: worker processnobody     6980  0.0  0.1  22940  3212 ?        S    20:53   0:00 nginx: worker processroot       6982  0.0  0.0 112676   980 pts/0    S+   20:54   0:00 grep --color=auto nginx

测试

测试解析PHP

[root@taoyuan conf]# vim /usr/local/nginx/html/1.php[root@taoyuan conf]# curl localhost/1.phpHello Nginx ![root@taoyuan conf]#

12.7 默认虚拟主机

在Nginx中也有默认虚拟主机，跟httpd类似，第一个被Nginx加载的虚拟主机就是默认主机，但和httpd不相同的地方是，它还有一个配置用来标记默认虚拟主机，也就是说，如果没有这个标记，第一个虚拟主机为默认虚拟主机。

#注释掉nginx.conf 中的server 并增加一行 include vhost/*.conf#如下是配置文件    include vhost/*.conf; #增加一行    #server    #{     #   listen 80;     #   server_name localhost;     #   index index.html index.htm index.php;     #   root /usr/local/nginx/html;     #   location ~ \.php$     #   {     #       include fastcgi_params;     #       fastcgi_pass unix:/tmp/php-fcgi.sock;     #       fastcgi_index index.php;     #       fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;     #   }    #}

[root@taoyuan conf]# mkdir vhost[root@taoyuan conf]# vim vhost/aaa.com.conf#配置文件内容server{   listen 80 default_server;   #有这个标记的就是默认虚拟主机   server_name aaa.com;   index index.html index.htm index.php;   root /data/wwwroot/default;}

创建/data/wwwroot/default

[root@taoyuan vhost]# mkdir -p /data/wwwroot/default#如果有可以不用创建#在目录下创建一个1.html 文件进行测试

检测

#检测错误[root@taoyuan default]# /usr/local/nginx/sbin/nginx -tnginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is oknginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful#重启服务[root@taoyuan default]# /etc/init.d/nginx restart#重新加载[root@taoyuan default]# /usr/local/nginx/sbin/nginx -s reload#测试结果[root@taoyuan default]# curl localhostHello default . #默认虚拟主机#它的域名也是跳转到默认虚拟主机[root@taoyuan default]# curl -x127.0.0.1:80 bbb.comHello default .

12.8 Nginx用户认证

创建一个test.com.conf 文件

[root@taoyuan default]# vim /usr/local/nginx/conf/vhost/test.com.conf#内容server{   listen 80;                     server_name test.com;   index index.html index.htm index.php;   root /data/wwwroot/test.com;   location /     {       auth_basic         "Auth";       auth_basic_user_file /usr/local/nginx/conf/htpasswd;     }}

创建密码文件

#可以用Apache htpasswd工具生成[root@taoyuan vhost]# /usr/local/apache2.4/bin/htpasswd#没有安装可以yum安装一个[root@taoyuan vhost]# yum install -y httpd#生成文件 如果继续添加 不用带 -c选项[root@taoyuan vhost]# htpasswd -c /usr/local/nginx/conf/htpasswd taoyuanNew password: Re-type new password: Adding password for user taoyuan#htpasswd 文件内容[root@taoyuan vhost]# cat /usr/local/nginx/conf/htpasswd taoyuan:$apr1$O4dujhQC$5XXU.vdIxoQFBeHKGWjOZ1user:$apr1$RiNQMrIS$7RUcVzpXr3uJ5mvioNtHj/

测试配置并重新加载

[root@taoyuan vhost]# /usr/local/nginx/sbin/nginx -tnginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is oknginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful[root@taoyuan vhost]# /usr/local/nginx/sbin/nginx -s reload#重新加载，不会加载配置文件中的错误。#如果重启服务，配置文件中出现错误，将导致服务无法启动。#测试[root@taoyuan vhost]# curl -x127.0.0.1:80 test.com -IHTTP/1.1 401 UnauthorizedServer: nginx/1.12.1Date: Wed, 03 Jan 2018 13:57:48 GMTContent-Type: text/htmlContent-Length: 195Connection: keep-aliveWWW-Authenticate: Basic realm="Auth"[root@taoyuan vhost]# mkdir /data/wwwroot/test.com[root@taoyuan vhost]# echo "test.com" > /data/wwwroot/test.com/index.html[root@taoyuan vhost]# curl -u taoyuan:taoyuan -x127.0.0.1:80 test.comtest.com

指定目录来访问控制
当需站点需要访问某个目录才进行访问控制，只需要在 location /admin/ 增加一个目录

Nginx安装、默认虚拟主机、Nginx用户认证、Nginx域名重定向

测试

[root@taoyuan vhost]# /usr/local/nginx/sbin/nginx -tnginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is oknginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful[root@taoyuan vhost]# /usr/local/nginx/sbin/nginx -s reload[root@taoyuan vhost]# curl -x127.0.0.1:80 test.comtest.com[root@taoyuan vhost]# mkdir /data/wwwroot/test.com/admin[root@taoyuan vhost]# echo "test.com admin dir" > /data/wwwroot/test.com/admin/index.html#curl测试[root@taoyuan vhost]# curl -x127.0.0.1:80 test.com/admin/401 Authorization Required
    
     401 Authorization Required
    
    
    
     nginx/1.12.1
    [root@taoyuan vhost]# curl -utaoyuan:taoyuan -x127.0.0.1:80 test.com/admin/test.com admin dir

指定一个文件访问控制

Nginx安装、默认虚拟主机、Nginx用户认证、Nginx域名重定向

通过匹配 admin.php文件来访问控制

测试

[root@taoyuan vhost]# /usr/local/nginx/sbin/nginx -tnginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is oknginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful[root@taoyuan vhost]# /usr/local/nginx/sbin/nginx -s reload[root@taoyuan vhost]# echo ' 
     ' > /data/wwwroot/test.com/admin.php[root@taoyuan vhost]# curl -x127.0.0.1:80 test.com/admin/test.com admin dir[root@taoyuan vhost]# curl -x127.0.0.1:80 test.com/admin.php401 Authorization Required
    
     401 Authorization Required
    
    
    
     nginx/1.12.1
    [root@taoyuan vhost]# curl -utaoyuan:taoyuan -x127.0.0.1:80 test.com/admin.php 
     #由于没有配置PHP解析所以无法解析php，访问控制是配置成功的。

12.9 Nginx域名重定向

[root@taoyuan vhost]# vim /usr/local/nginx/conf/vhost/test.com.conf #配置文件编辑内容server{   listen 80;   server_name test.com test2.com test3.com; #可以跟多个域名   index index.html index.htm index.php;   root /data/wwwroot/test.com;   #需要增加if语句进行判断     if ($host != 'test.com'){       rewrite ^/(.*)$ http://test.com/$1 permanent; #简写             #写全为 rewrite http://$host/(.*)$ http://test.com/$1 permanent;   }}

检测 && 重载

[root@taoyuan vhost]# /usr/local/nginx/sbin/nginx -tnginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is oknginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful[root@taoyuan vhost]# /usr/local/nginx/sbin/nginx -s reload

测试结果

[root@taoyuan vhost]# curl -x127.0.0.1:80 test2.com/index.html -IHTTP/1.1 301 Moved PermanentlyServer: nginx/1.12.1Date: Wed, 03 Jan 2018 14:36:45 GMTContent-Type: text/htmlContent-Length: 185Connection: keep-aliveLocation: http://test.com/index.html[root@taoyuan vhost]# curl -x127.0.0.1:80 test2.com/admin/index.html -IHTTP/1.1 301 Moved PermanentlyServer: nginx/1.12.1Date: Wed, 03 Jan 2018 14:37:06 GMTContent-Type: text/htmlContent-Length: 185Connection: keep-aliveLocation: http://test.com/admin/index.html[root@taoyuan vhost]# curl -x127.0.0.1:80 test3.com/admin/index.html -IHTTP/1.1 301 Moved PermanentlyServer: nginx/1.12.1Date: Wed, 03 Jan 2018 14:37:30 GMTContent-Type: text/htmlContent-Length: 185Connection: keep-aliveLocation: http://test.com/admin/index.html[root@taoyuan vhost]# curl -x127.0.0.1:80 test4.com/admin/index.html -IHTTP/1.1 404 Not FoundServer: nginx/1.12.1Date: Wed, 03 Jan 2018 14:37:44 GMTContent-Type: text/htmlContent-Length: 169Connection: keep-alive

扩展

nginx.conf 配置详解

nginx rewrite四种flag

转载于:https://blog.51cto.com/3622288/2057189

你可能感兴趣的文章