lnmp环境下 nginx.conf的常见配置
做个lnmp环境下 nginx.conf的常见配置说明vim /usr/local/nginx/conf/nginx.conf 使用如下配置
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
usernobody nobody; //nginx子进程的用户
worker_processes 2; //nginx子进程个数
error_log /usr/local/nginx/logs/nginx_error.log debug; //错误日志路径及日志级别 debug调试用内容最详细 、一般用crit
pid /usr/local/nginx/logs/nginx.pid; //nginx的进程pid
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format main '$proxy_add_x_forwarded_for - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"'; //日志保存格式
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm application/xml;
server
{
listen 80;
server_name --//域名
index index.html index.htm index.php;
root /usr/local/nginx/html;--//对应的目录
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;--//路径可以是sock 也可以是IP:PORT格式
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
} --//这部分是PHP解析设置
}
include /usr/local/nginx/conf/vhosts/*.conf;
}
需要增加虚拟机的可以在/usr/local/nginx/conf/vhosts/目录下添加
我用的是discuz论坛 配置如下
vim /usr/local/nginx/conf/vhosts/discuz.conf
添加如下内容:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
server
{
listen 80;
server_name www.discuz.com --//双域名 discuz 和 bbc1
if ($host != 'www.discuz.com' ) {
rewrite^/(.*)$http://www.discuz.com/$1permanent;
} --//域名跳转指向www.discuz.com
index index.html index.htm index.php;
root /data/www;
location ~ .*rc/w/ {
auth_basic "Auth"; --//认证窗口名 可以随意取
auth_basic_user_file /usr/local/nginx/conf/htpasswd;--//认证用户名和密码保存路径
include fastcgi_params; --//如果无php解析这部分可以不要
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name;
} --//针对目录做的一个认证
location ~ admin\.php$ {
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name;
} --//针对admin.php单独做的一个认证 ,提高后台安全性
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name;
} --//php解析模块
location ~ .*\.(jpg|gif|jpeg|png|js|css)$ { --//文件类型可以根据实际情况添加
expires 30d; --//设置缓存时间30天
access_log off; --//针对以上合适不设置日志记录
valid_referers none blocked server_names*.taobao.com *.baidu.com *.google.com *.google.cn *.soso.com *.apelearn.com; --//设置防盗链,只有这些网址可以使用本站链接
if ($invalid_referer) {
return 403;
# rewrite ^/ http://www.example.com/nophoto.gif;
} --//不属于以上网站的全部返回403
#allow 192.168.205.128; --//允许单个IP #allow127.0.0.1
#allow 10.0.1.0/24; --//允许IP段
#denyall; --//这部分是对ip的限制
include deny.ip; --//也可以在conf目录下创建一个deny.ip在里面对ip进行限制
}
以上是基本的配置,其他的配置以后再说吧
页:
[1]