|NO.Z.00066|——————————|LinuxNetwork|——|Linux&Nginx&反向代理.V02|-----------------------------------------|目錄保護|建立虛擬機器|
阿新 • • 發佈:2022-03-25
[LinuxNetworkEnd:Linux&Nginx&反向代理.V02] [Applications.LinuxNetworkEnd] [|nginx服務詳解|nginx狀態統計|目錄保護|基於IP並再次訪問統計頁面|] [建立虛擬機器|nginx反向代理|nginx負載均衡|實現https|]
一、nginx相關實驗
### --- nginx狀態統計 ~~~ #<注意事項> ~~~ 注意配置檔案中的結尾有;作為結束~! (切記!) ~~~ 每次實驗修改完配置檔案後需要重啟nginx才有生效 [root@server11 ~]# pkill -HUP nginx // 熱重啟,熱部署,在不重啟nginx服務的情況下,讓配置檔案生效。
### --- 實驗1:nginx的狀態統計
~~~ 安裝nginx時將-with-http_stub_status_module模組開啟
~~~ 修改nginx配置檔案(寫入要訪問的server標籤中)
[root@server11 ~]# vim /usr/local/nginx/conf/nginx.conf
location /nginx_status {
stub_status on;
access_log off;
}
[root@server11 ~]# ln /usr/local/nginx/sbin/* /usr/local/sbin/ [root@server11 ~]# nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful [root@server11 ~]# pkill -HUP nginx
二、目錄保護~~~ Active connections:4 // 表示當前的活動連線數; ~~~ server accepts handled requests // 表示已經處理的連線資訊 ~~~ 三個數字一次表示已處理的連線數,成功的TCP握手次數,已處理的請求數 ~~~ 客戶端訪問網址:http://10.10.10.11/nginx_status Active connections: 2 server accepts handled requests 2 2 2 Reading: 0 Writing: 1 Waiting: 1
### --- 實驗2:目錄保護
~~~ 原理和apache的目錄保護原理一樣(利用上一個實驗接著完成)
~~~ 在狀態統計的location中新增:
[root@server11 ~]# vim /usr/local/nginx/conf/nginx.conf
location /nginx_status {
stub_status on;
access_log off;
auth_basic "Welcome to nginx_status!";
auth_basic_user_file /usr/local/nginx/html/htpasswd.nginx;
}
~~~ 使用http的命令htpasswd進行使用者密碼檔案的建立(生成在上面指定的位置)
[root@server11 ~]# yum install -y httpd
[root@server11 ~]# htpasswd -c /usr/local/nginx/html/htpasswd.nginx user
New password: 123456
Re-type new password: 123456
~~~ 重啟nginx並再次訪問統計頁面
~~~ #客戶端訪問網址:http://10.10.10.11/nginx_status,需要客戶身份認證賬戶及密碼才可以登入
[root@server11 ~]# nginx -t
[root@server11 ~]# pkill -HUP nginx
三、基於IP並再次訪問統計頁面
### --- 實驗3、基於IP並再次訪問統計頁面
~~~ 接著上一個實驗完成操作
~~~ 在轉態統計的location中新增
location /nginx_status {
stub_status on;
access_log off;
auth_basic "Welcome to nginx_status!";
auth_basic_user_file /usr/local/nginx/html/htpasswd.nginx;
allow 10.10.10.240;
deny 10.10.10.0/24;
}
~~~ #僅允許10.10.10.240客戶端訪問伺服器
http://10.10.10.11/nginx_status // 可以正常訪問
[root@server11 ~]# elinks 10.10.10.11/nginx_status // 自己本身去訪問都會拒絕
### --- 放行再驗證
[root@server11 ~]# vim /usr/local/nginx/conf/nginx.conf
location /nginx_status {
stub_status on;
access_log off;
auth_basic "Welcome to nginx_status!";
auth_basic_user_file /usr/local/nginx/html/htpasswd.nginx;
#allow 10.10.10.240;
#deny 10.10.10.0/24;
}
[root@server11 ~]# pkill -HUP nginx
[root@server11 ~]# elinks 10.10.10.11/nginx_status // 可以跳轉到登入頁面
四、建立虛擬機器### --- 實驗4:建立虛擬主機
~~~ 提前準備好兩個網站的域名,並且規劃好兩個網站網頁存放目錄
~~~ 在nginx主配置檔案中並列編寫兩個server標籤,並分別寫好各自資訊
[root@server11 ~]# mkdir /usr/local/nginx/html/blog
[root@server11 ~]# mkdir /usr/local/nginx/html/bbs
[root@server11 ~]# vim /usr/local/nginx/html/blog/index.html
blog.atyanqi.com
[root@server11 ~]# vim /usr/local/nginx/html/bbs/index.html
bbs.atyanqi.com
[root@server11 ~]# vim /etc/hosts
10.10.10.11 blog.atyanqi.com
10.10.10.11 bbs.atyanqi.com
[root@server11 ~]# vim /usr/local/nginx/conf/nginx.conf
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' #開啟日誌格式
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
server {
listen 80;
server_name blog.atyanqi.com;
index index.html index.htm index.php;
root html/blog;
# include enable-php.conf; // include標籤,PHP頁面解析的時候要匹配檔案的標籤名,
access_log logs/blog-access.log main; // access_log logs/access.log main;日誌格式為main格式
}
server {
listen 80;
server_name bbs.atyanqi.com;
index index.html index.htm index.php;
root html/bbs;
# include enable-php.conf;
access_log logs/bbs-access.log main;
}
[root@server11 ~]# nginx -t
[root@server11 ~]# pkill -HUP nginx
~~~ 分別訪問兩個不同的域名驗證結果
[root@server11 ~]# elinks http://blog.atyanqi.com/
[root@server11 ~]# elinks http://bbs.atyanqi.com/
### --- 日誌格式main的問題
[root@server11 ~]# vim /usr/local/nginx/conf/nginx.conf
access_log logs/bbs-access.log main; // main其實是一個標籤;可以隨便起,abc都可以。。
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' #與這個遵循一致即可。
# include標籤
# include enable-php.conf; // 進行PHP解析的時候要匹配PHP的字尾名,只不過在該檔案中,把PHP解析的location的配置檔案解除安裝location外面,要使用它的時候呼叫即可,不需要寫在裡面,下面實驗把PHP解析寫在裡面測試ok
server {
listen 80;
server_name blog.atyanqi.com;
index index.html index.htm index.php;
root html/blog;
access_log logs/blog-access.log main;
location ~ \.php$ {
root html/blog;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi.conf;
}
}
server {
listen 80;
server_name bbs.atyanqi.com;
index index.html index.htm index.php;
root html/bbs;
access_log logs/bbs-access.log main;
location ~ \.php$ {
root html/bbs;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi.conf;
}
}
[root@server11 ~]# nginx -t
[root@server11 ~]# pkill -HUP nginx
### --- 新增PHP的解析頁面
[root@server11 ~]# vim /usr/local/nginx/html/blog/index.php
<?php
echo "blog";
[root@server11 ~]# vim /usr/local/nginx/html/bbs/index.php
<?php
echo "bbs";
[root@server11 ~]# elinks http://blog.atyanqi.com/index.php
blog
[root@server11 ~]# elinks http://bbs.atyanqi.com/index.php
bbs
===============================END===============================
Walter Savage Landor:strove with none,for none was worth my strife.Nature I loved and, next to Nature, Art:I warm'd both hands before the fire of life.It sinks, and I am ready to depart ——W.S.Landor
來自為知筆記(Wiz)