linux的Nginx安装、默认虚拟主机、用户认证、域名重定向配置介绍
本文共 13726 字,大约阅读时间需要 45 分钟。
Nginx介绍
- Nginx官网(
- Nginx应用场景:web服务、反向代理、负载均衡
- Nginx著名分支,淘宝基于Nginx开发的Tengine,使用上和Nginx一致,服务名,配置文件名都一样,和Nginx的最大区别在于Tenging增加了一些定制化模块,在安全限速方面表现突出,另外它支持对js,css合并
- Nginx核心+lua相关的组件和模块组成了一个支持lua的高性能web容器openresty,参考
Nginx安装
1. 进入存放源码包目录
[root@gary-tao ~]# cd /usr/local/src/[root@gary-tao src]#
2. 下载源码包
[root@gary-tao src]# wget http://nginx.org/download/nginx-1.12.1.tar.gz
3. 解压压缩包
[root@gary-tao src]# tar zxf nginx-1.12.1.tar.gz
4. 安装nginx
[root@gary-tao src]# cd nginx-1.12.1[root@gary-tao nginx-1.12.1]# ./configure --prefix=/usr/local/nginx
5. 编译nginx
[root@gary-tao nginx-1.12.1]# make[root@gary-tao nginx-1.12.1]# make install[root@gary-tao nginx-1.12.1]# ls /usr/local/nginx/ //查看nginx核心配置文件conf html logs sbin[root@gary-tao nginx-1.12.1]# ls /usr/local/nginx/conf/fastcgi.conf fastcgi_params koi-utf mime.types nginx.conf scgi_params uwsgi_params win-utffastcgi.conf.default fastcgi_params.default koi-win mime.types.default nginx.conf.default scgi_params.default uwsgi_params.default[root@gary-tao nginx-1.12.1]# ls /usr/local/nginx/html/50x.html index.html[root@gary-tao nginx-1.12.1]# ls /usr/local/nginx/logs/[root@gary-tao nginx-1.12.1]# ls /usr/local/nginx/sbin/nginx[root@gary-tao nginx-1.12.1]# ls /usr/local/nginx/sbin/nginx/usr/local/nginx/sbin/nginx[root@gary-tao nginx-1.12.1]# /usr/local/nginx/sbin/nginx -tnginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is oknginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
6. 创建nginx配置文件及编辑启动脚本
[root@gary-tao nginx-1.12.1]# vim /etc/init.d/nginx配置如下内容:#!/bin/bash# chkconfig: - 30 21# description: http service.# Source Function Library. /etc/init.d/functions# Nginx SettingsNGINX_SBIN="/usr/local/nginx/sbin/nginx"NGINX_CONF="/usr/local/nginx/conf/nginx.conf"NGINX_PID="/usr/local/nginx/logs/nginx.pid"RETVAL=0prog="Nginx"start() { echo -n $"Starting $prog: " mkdir -p /dev/shm/nginx_temp daemon $NGINX_SBIN -c $NGINX_CONF RETVAL=$? echo return $RETVAL}stop() { echo -n $"Stopping $prog: " killproc -p $NGINX_PID $NGINX_SBIN -TERM rm -rf /dev/shm/nginx_temp RETVAL=$? echo return $RETVAL}reload(){ echo -n $"Reloading $prog: " killproc -p $NGINX_PID $NGINX_SBIN -HUP RETVAL=$? echo return $RETVAL}restart(){ stop start}configtest(){ $NGINX_SBIN -c $NGINX_CONF -t return 0}case "$1" in start) start ;; stop) stop ;; reload) reload ;; restart) restart ;; configtest) configtest ;; *) echo $"Usage: $0 {start|stop|reload|restart|configtest}" RETVAL=1esacexit $RETVAL 7.修改启动脚本权限
[root@gary-tao nginx-1.12.1]# chmod 755 /etc/init.d/nginx
8. 添加nginx服务
[root@gary-tao nginx-1.12.1]# chkconfig --add nginx
9. 设置开机启动
[root@gary-tao nginx-1.12.1]# chkconfig nginx on
10. 配置nginx的配置文件
[root@gary-tao nginx-1.12.1]# cd /usr/local/nginx/conf/[root@gary-tao conf]# lsfastcgi.conf fastcgi_params koi-utf mime.types nginx.conf scgi_params uwsgi_params win-utffastcgi.conf.default fastcgi_params.default koi-win mime.types.default nginx.conf.default scgi_params.default uwsgi_params.default[root@gary-tao conf]# mv nginx.conf nginx.conf.bak[root@gary-tao conf]# vim nginx.conf配置如下内容:user nobody nobody;worker_processes 2;error_log /usr/local/nginx/logs/nginx_error.log crit;pid /usr/local/nginx/logs/nginx.pid;worker_rlimit_nofile 51200;events{ use epoll; worker_connections 6000;}http{ include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 3526; server_names_hash_max_size 4096; log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]' ' $host "$request_uri" $status' ' "$http_referer" "$http_user_agent"'; sendfile on; tcp_nopush on; keepalive_timeout 30; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; connection_pool_size 256; client_header_buffer_size 1k; large_client_header_buffers 8 4k; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; client_max_body_size 10m; client_body_buffer_size 256k; client_body_temp_path /usr/local/nginx/client_body_temp; proxy_temp_path /usr/local/nginx/proxy_temp; fastcgi_temp_path /usr/local/nginx/fastcgi_temp; fastcgi_intercept_errors on; tcp_nodelay on; gzip on; gzip_min_length 1k; gzip_buffers 4 8k; gzip_comp_level 5; gzip_http_version 1.1; gzip_types text/plain application/x-javascript text/css text/htm application/xml; server { listen 80; server_name localhost; index index.html index.htm index.php; root /usr/local/nginx/html; location ~ \.php$ { include fastcgi_params; fastcgi_pass unix:/tmp/php-fcgi.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name; } }} 11. 测试配置文件语法
[root@gary-tao conf]# /usr/local/nginx/sbin/nginx -tnginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is oknginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
12. 开启Nginx
[root@gary-tao conf]# /etc/init.d/nginx startStarting nginx (via systemctl): Warning: nginx.service changed on disk. Run 'systemctl daemon-reload' to reload units. [ 确定 ][root@gary-tao conf]# systemctl daemon-reload //解决上面启动时报错[root@gary-tao conf]# /etc/init.d/nginx startStarting nginx (via systemctl): [ 确定 ]
13. 查询nginx启动界面
[root@gary-tao conf]# ps aux |grep nginxroot 62748 0.0 0.0 20500 624 ? Ss 18:51 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.confnobody 62749 0.0 0.3 22944 3212 ? S 18:51 0:00 nginx: worker processnobody 62750 0.0 0.3 22944 3212 ? S 18:51 0:00 nginx: worker processroot 62835 0.0 0.0 112680 976 pts/1 S+ 19:02 0:00 grep --color=auto nginx
[root@gary-tao conf]# curl localhost //测试下页面Welcome to nginx! Welcome to nginx!
If you see this page, the nginx web server is successfully installed andworking. Further configuration is required.
For online documentation and support please refer tonginx.org.
Commercial support is available atnginx.com.Thank you for using nginx.
[root@gary-tao conf]# ls /usr/local/nginx/html/ //页面文件目录50x.html index.html
14.测试Nginx解析php
[root@gary-tao conf]# vim /usr/local/nginx/html/1.php 配置如下内容:
使用curl测试
root@gary-tao conf]# curl localhost/1.phpThis is nginx test page.[root@gary-tao conf]# [root@gary-tao conf]#
Nginx默认虚拟主机
在Nginx中也有默认虚拟主机,跟httpd类似,第一个被Nginx加载的虚拟主机就是默认主机,但和httpd不相同的地方是,它还有一个配置用来标记默认虚拟主机,也就是说,如果没有这个标记,第一个虚拟主机为默认虚拟主机。
1. 编辑配置文件:
vim /usr/local/nginx/conf/nginx.conf 增加以下内容:include vhost/*.conf;
如图:
2. 创建一个vhost目录
[root@gary-tao conf]# mkdir /usr/local/nginx/conf/vhost[root@gary-tao conf]# cd /usr/local/nginx/conf/vhost/[root@gary-tao vhost]# vim aaa.conf //进入vhost目录下并创建编辑一个.conf文件增加如下内容:server{ listen 80 default_server; // 有这个标记的就是默认虚拟主机 server_name aaa.com; index index.html index.htm index.php; root /data/wwwroot/default;} 3.创建default目录
[root@gary-tao vhost]# mkdir /data/wwwroot/default[root@gary-tao vhost]# cd /data/wwwroot/default/[root@gary-tao default]# ls[root@gary-tao default]# vim index.html在default目录下的index.html文件中定义如下内容:This is the default site.
4.测试语法,重新加载配置文件(不需要重启服务)
[root@gary-tao default]# /usr/local/nginx/sbin/nginx -t //测试语法nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is oknginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful[root@gary-tao default]# /usr/local/nginx/sbin/nginx -s reload //重新加载配置
5.使用curl测试
[root@gary-tao default]# curl localhostThis is the default site.[root@gary-tao default]# curl -x127.0.0.1:80 123.comThis is the default site.[root@gary-tao default]# curl -x127.0.0.1:80 aaaa.comThis is the default site.[root@gary-tao default]# curl -x127.0.0.1:80 ddd.comThis is the default site.
解释说明:
访问的域名无论是指定的aaa.com还是其它域名,只要解析过来,指向到我们服务器,都能访问到这个站点,这就是默认虚拟主机。
Nginx用户认证
1. 创建一个虚拟主机配置文件
[root@gary-tao conf]# vim /usr/local/nginx/conf/vhost/test.com.conf增加如下内容:server{ listen 80; server_name test.com; index index.html index.htm index.php; root /data/wwwroot/test.com;location / { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd;}} 2.创建密码文件
[root@gary-tao conf]# yum install -y httpd //如果之前没有安装过Apache的话就安装httpd,是为了可以使用Apache的htpasswd工具创建用户[root@gary-tao conf]# /usr/local/apache2.4/bin/htpasswd -c /usr/local/nginx/conf/htpasswd aming 备注:Apache自带命令htpasswd创建密码文件,-c是创建,-m是指定md5加密类型,指定用户为aming(备注:如果再次新增用户,就不需要再加 -c ,因为已经创建过密码文件了,加了会覆盖之前的创建好的用户)New password: Re-type new password: Adding password for user aming[root@gary-tao src]# cat /usr/local/nginx/conf/htpasswd aming:$apr1$o3zygnex$U.fWNEyk7.OeiwK.hcsBw/[root@gary-tao src]# /usr/local/apache2.4/bin/htpasswd /usr/local/nginx/conf/htpasswd xieNew password: Re-type new password: Adding password for user xie[root@gary-tao src]# cat /usr/local/nginx/conf/htpasswd aming:$apr1$o3zygnex$U.fWNEyk7.OeiwK.hcsBw/xie:$apr1$rBHXFLAp$fx9B2QPOtVQzLnz5hIWme1
3.测试语法及重新加载配置
[root@gary-tao src]# /usr/local/nginx/sbin/nginx -tnginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is oknginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful[root@gary-tao src]# /usr/local/nginx/sbin/nginx -s reload
4.使用curl命令测试用户认证
[root@gary-tao src]# curl -x127.0.0.1:80 test.com401 Authorization Required 401 Authorization Required
nginx/1.12.1 [root@gary-tao src]# curl -x127.0.0.1:80 test.com -IHTTP/1.1 401 UnauthorizedServer: nginx/1.12.1Date: Wed, 03 Jan 2018 13:01:05 GMTContent-Type: text/htmlContent-Length: 195Connection: keep-aliveWWW-Authenticate: Basic realm="Auth"[root@gary-tao src]# curl -x127.0.0.1:80 -uaming:aming test.com -I //增加用户访问HTTP/1.1 404 Not FoundServer: nginx/1.12.1Date: Wed, 03 Jan 2018 13:01:36 GMTContent-Type: text/htmlContent-Length: 169Connection: keep-alive[root@gary-tao src]# mkdir /data/wwwroot/test.com //创建用户目录[root@gary-tao src]# echo “test.com”>/data/wwwroot/test.com/index.html //在test.com目录下编辑index.html[root@gary-tao src]# curl -x127.0.0.1:80 -uaming:aming test.com“test.com”
针对目录的用户认证
[root@gary-tao src]# vim /usr/local/nginx/conf/vhost/test.com.conf //进入配置文件,在location后面加上目录名字就可以
如图:
使用curl测试:
[root@gary-tao src]# /usr/local/nginx/sbin/nginx -tnginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is oknginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful[root@gary-tao src]# /usr/local/nginx/sbin/nginx -s reload[root@gary-tao src]# curl -x127.0.0.1:80 test.com //访问网站正常“test.com”[root@gary-tao src]# curl -x127.0.0.1:80 test.com/admin/ //但是访问admin目录下时就会出现401,需要用户认证401 Authorization Required 401 Authorization Required
nginx/1.12.1 [root@gary-tao src]# mkdir /data/wwwroot/test.com/admin //创建目录地址[root@gary-tao src]# echo "test.com adming dir" > /data/wwwroot/test.com/admin/index.html [root@gary-tao src]# curl -x127.0.0.1:80 test.com/admin/401 Authorization Required 401 Authorization Required
nginx/1.12.1 [root@gary-tao src]# curl -x127.0.0.1:80 -uaming:aming test.com/admin/ //使用用户密码访问正常test.com adming dir
针对文件的用户认证
[root@gary-tao src]# vim /usr/local/nginx/conf/vhost/test.com.conf //进入配置文件,在location后面加上匹配文件名字
如图:
使用curl测试,访问admin目录时是正常的,访问admin.php就需要用户认证了
[root@gary-tao src]# /usr/local/nginx/sbin/nginx -tnginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is oknginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful[root@gary-tao src]# /usr/local/nginx/sbin/nginx -s reload[root@gary-tao src]# curl -x127.0.0.1:80 test.com/admin/test.com adming dir[root@gary-tao src]# curl -x127.0.0.1:80 test.com/admin.php401 Authorization Required 401 Authorization Required
nginx/1.12.1
Nginx域名重定向
1. 更改test.com.conf
[root@gary-tao src]# vim /usr/local/nginx/conf/vhost/test.com.conf定义如下内容:server{ listen 80; server_name test.com test1.com test2.com;//server_name后面支持写多个域名,这里要和httpd的做一个对比 index index.html index.htm index.php; root /data/wwwroot/test.com; if ($host != 'test.com' ) { rewrite ^/(.*)$ http://test.com/$1 permanent;//permanent为永久重定向,状态码为301,如果写redirect则为302 }} 如图:
2. 测试语法及重新加载配置,使用curl测试
[root@gary-tao src]# /usr/local/nginx/sbin/nginx -tnginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is oknginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful[root@gary-tao src]# /usr/local/nginx/sbin/nginx -s reload[root@gary-tao src]# curl -x127.0.0.1:80 test2.com/index.html -I //访问test2.com后会跳转到test.comHTTP/1.1 301 Moved PermanentlyServer: nginx/1.12.1Date: Wed, 03 Jan 2018 13:30:03 GMTContent-Type: text/htmlContent-Length: 185Connection: keep-aliveLocation: http://test.com/index.html[root@gary-tao src]# curl -x127.0.0.1:80 test2.com/index.html/adgagadga -I //访问test2.com后会跳转到test.comHTTP/1.1 301 Moved PermanentlyServer: nginx/1.12.1Date: Wed, 03 Jan 2018 13:30:21 GMTContent-Type: text/htmlContent-Length: 185Connection: keep-aliveLocation: http://test.com/index.html/adgagadga[root@gary-tao src]# curl -x127.0.0.1:80 test3.com/index.html/adgagadga -I //访问test3.com就跳转到默认虚拟主机,报错404HTTP/1.1 404 Not FoundServer: nginx/1.12.1Date: Wed, 03 Jan 2018 13:30:38 GMTContent-Type: text/htmlContent-Length: 169Connection: keep-alive
转载于:https://blog.51cto.com/taoxie/2057175
你可能感兴趣的文章
MHA 安装配置
查看>>
Oracle数据库编程
查看>>
Spring mvc ,spring ,ibatis 学习记录(1)
查看>>
记一次内网渗透检测
查看>>
开发过程中得错误
查看>>
【坑】 MySQL中,字符串和数值的比较
查看>>
我的友情链接
查看>>
secure crt vim颜色显示
查看>>
VMware ESXi 5.0安装图文教程
查看>>
头文件的2种方式与枚举的优势
查看>>
了解锁及上锁时长
查看>>
python request
查看>>
【基础】ARP协议-交换机工作原理-及广播风暴问题分析
查看>>
远程桌面管理服务器报“没有终端服务器客户端访问许可证”的解决方法
查看>>
我的友情链接
查看>>
ASA防火墙静态PAT端口范围测试
查看>>
我的友情链接
查看>>
掌握11项技能,你就是优秀的前端开发工程师
查看>>
Sublime Text2 搭建Java开发环境
查看>>
zookeeper之监听事件总结
查看>>