Nginx构建虚拟主机、访问统计、用户授权访问控制

其他 2020-09-13 22:26:02 阅读次数: 0

搭建DNS解析服务

[root@localhost vm2]# yum -y install bind  //安装dns相关软件
[root@localhost named]# vi /etc/named.conf   //配置主配置文件
options {
    
    
        listen-on port 53 {
    
     any; };
        listen-on-v6 port 53 {
    
     ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        allow-query     {
    
     any; };
[root@localhost etc]# vi /etc/named.rfc1912.zones    //配置解析域名及解析文件
zone "vm1.com" IN {
    
    
        type master;
        file "vm1.com.zone";
        allow-update {
    
     none; };
};

zone "vm2.com" IN {
    
    
        type master;
        file "vm2.com.zone";
        allow-update {
    
     none; };
};
[root@localhost etc]# cp /var/named/named.localhost /var/named/vm1.com.zone  //拷贝模板到解析文件中
[root@localhost etc]# cp /var/named/named.localhost /var/named/vm2.com.zone
[root@localhost etc]# chown named:named /var/named/vm1.com.zone  //修改属性
[root@localhost etc]# chown named:named /var/named/vm2.com.zone
[root@localhost ~]# vi /var/named/vm1.com.zone
$TTL 1D
@       IN SOA  @ rname.invalid. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
                NS      @
                A       127.0.0.1
www     IN      A       20.0.0.12
[root@localhost ~]# vi /var/named/vm2.com.zone
$TTL 1D
@       IN SOA  @ rname.invalid. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
                NS      @
                A       127.0.0.1
www     IN      A       20.0.0.12
[root@localhost etc]# named-checkzone www.vm1.com /var/named/vm1.com.zone
zone www.vm1.com/IN: loaded serial 0
OK
[root@localhost etc]# named-checkzone www.vm2.com /var/named/vm2.com.zone
zone www.vm2.com/IN: loaded serial 0
OK
[root@localhost etc]# named-checkzone www.vm1.com /var/named/vm1.com.zone
zone www.vm2.com/IN: loaded serial 0
OK
[root@localhost ~]# systemctl start named

编译安装nginx

[root@localhost ~]# yum -y install \   //安装环境
gcc \
gcc-c++ \
make \
pcre-devel \
expat-devel \
perl \
zlib-devel 
[root@localhost ~]# ls
Documents        nginx-1.15.9.tar.gz   Videos
[root@localhost ~]# tar xvf nginx-1.15.9.tar.gz -C /opt
[root@localhost ~]# cd /opt
[root@localhost opt]# ls
nginx-1.15.9  rh
[root@localhost nginx-1.15.9]# ./configure \   //编译配置
--prefix=/usr/local/nginx \  
--user=nginx \
--group=nginx \
--with-http_stub_status_module
--without-http_rewrite_module
[root@localhost nginx-1.15.9]# useradd -s /sbin/nologin -M nginx    //增加运行账户
[root@localhost nginx-1.15.9]# tail -1 /etc/passwd
nginx:x :1001:1001::/home/nginx:/sbin/nologin
[root@localhost nginx-1.15.9]# make -j3 && make install
[root@localhost nginx-1.15.9]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
[root@localhost nginx-1.15.9]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost system]# systemctl start nginx
[root@localhost system]# systemctl status nginx.service
● nginx.service - nginx
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
   Active: active (running) since Sat 2020-09-12 18:29:36 CST; 2s ago
  Process: 17973 ExecStart=/usr/local/nginx/sbin/nginx (code=exited, status=0/SUCCESS)
 ……省略部分

一、配置web虚拟主机

1、配置基于域名的虚拟web主机

[root@localhost conf]# vim /usr/local/nginx/conf/nginx.conf
    server {
    
    
        listen       80;
        server_name  www.vm1.com;
        charset utf-8;
        access_log  logs/www.vm1.access.log;
        location / {
    
    
            root   /var/www/html/vm1/;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
    
    
            root   html;
        }
    }
    server {
    
    
        listen       80;
        server_name  www.vm2.com;
        charset utf-8;
        access_log  logs/www.vm2.access.log;
        location / {
    
    
            root   /var/www/html/vm2/;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
    
    
            root   html;
        }
    }
[root@localhost conf]# mkdir -p /var/www/html/vm1/
[root@localhost conf]# mkdir -p /var/www/html/vm2/
[root@localhost html]# cd vm1
[root@localhost vm1]# vim index.html
[root@localhost vm1]# systemctl restart nginx
[root@localhost vm1]# vim index.html
[root@localhost vm1]# cd ..
[root@localhost html]# cd vm2
[root@localhost vm2]# vi index.html 
[root@localhost vm2]# systemctl restart nginx

去另一台机器测试

[root@localhost ~]# vi /etc/hosts
20.0.0.12       www.vm1.com
20.0.0.12       www.vm2.com

登录网页测试
在这里插入图片描述
在这里插入图片描述

2、配置基于ip的虚拟web主机(添加双网卡IP1:20.0.0.12;IP2:192.168.30.10)

[root@localhost conf]# vim /usr/local/nginx/conf/nginx.conf
    server {
    
    
        listen  20.0.0.12:80;
  #      server_name  www.vm1.com;
        charset utf-8;
        access_log  logs/www.vm1.access.log;
        location / {
    
    
            root   /var/www/html/vm1/;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
    
    
            root   html;
        }
    }

    server {
    
    
        listen  192.168.30.10:80;
   #     server_name  www.vm2.com
        charset utf-8;
        access_log  logs/www.vm2.access.log;
        location / {
    
    
            root   /var/www/html/vm2/;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
    
    
            root   html;
        }
    }

去另一台虚拟机测试

在这里插入图片描述
在这里插入图片描述

3、基于端口的虚拟web主机

[root@localhost conf]# vim /usr/local/nginx/conf/nginx.conf
    server {
    
    
        listen  20.0.0.12:800;
  #      server_name  www.vm1.com;
        charset utf-8;
        access_log  logs/www.vm1.access.log;
        location / {
    
    
            root   /var/www/html/vm1/;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
    
    
            root   html;
        }
    }

    server {
    
    
        listen  20.0.0.12:8080;
   #     server_name  www.vm2.com
        charset utf-8;
        access_log  logs/www.vm2.access.log;
        location / {
    
    
            root   /var/www/html/vm2/;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
    
    
            root   html;
        }
    }

测试

在这里插入图片描述
在这里插入图片描述

二、Nginx访问状态统计

启用HTTP_STUB_STATUS状态统计模块
配置编译参数时添加–with-http_stub_status_module
nginx -V查看已安装的Nginx是否包含HTTP_STUB_STATUS模块

[root@localhost conf]# nginx -V   //可以看到已经安装了统计模块
nginx version: nginx/1.15.9
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC) 
configure arguments: --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module
[root@localhost conf]# vi nginx.conf
        location / {
    
    
            root   html;
            index  index.html index.htm;
        }

        location /status {
    
    
        stub_status on;
        access_log off;
        }
[root@localhost conf]# systemctl restart nginx

访问20.0.0.12/status测试

在这里插入图片描述

三、用户访问控制

1、基于授权的访问控制

[root@localhost conf]# yum -y install httpd-tools  //安装httpd工具软件包
[root@localhost conf]# htpasswd -c /usr/local/nginx/passwd.db user   /创建访问用户,第一次创建需要-c创建用户数据文件,生成用户密码认证文件
[root@localhost conf]# cat /usr/local/nginx/passwd.db   //查看用户数据文件
user:3p9ocItYYOa6U
[root@localhost conf]# vim /usr/local/nginx/conf/nginx.conf
        location / {
    
    
            root   html;
            index  index.html index.htm;
        auth_basic "secret";
        auth_basic_user_file    /usr/local/nginx/passwd.db;
        }
[root@localhost conf]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost conf]# systemctl restart nginx

登入网站测试

在这里插入图片描述

2、基于客户端的访问控制

通过客户端lP地址,决定是否允许对页面访问
配置规则:
deny P/IP段:拒绝某个IP或IP段的客户端访问
allow IP/IP段:允许某个IP或IP段的客户端访问
规则从上往下执行,如匹配则停止,不再往下匹配

猜你喜欢

转载自blog.csdn.net/CN_LiTianpeng/article/details/108550876
今日推荐
面壁智能发布 Eurux-8x22B 开源大模型 —— 堪称「理科状元」
开源日报 | 谷歌扶持鸿蒙上位;开源Rabbit R1;Docker加持的安卓手机;微软的焦虑和野心;海尔电器把开放平台关了
中国码农的“35岁魔咒”
蘭雅 CorelDRAW 插件 2024.5.1 国际劳动节版,免费下载
Arc Browser for Windows 1.0 正式 GA
90后程序员开发视频搬运软件、不到一年获利超 700 万,结局很刑!
周排行
OOP第二次作业
java web 乱码问题
android 禁止scrollview 因控件变化自动滚动到底的方法
mysql服务解压版的安装(5.7)
centos7 nginx+tomcat配置https 安装免费SSL Let’s Encrypt
使用Mosquitto遗嘱机制实现感知客户端上下线功能的方法
面向对象之------多态与多态性
开发Teams Tabs应用程序
C# 希尔排序
第2章 Jupyter Notebooks
每日归档
更多
2024-05-06(40)
2024-05-05(0)
2024-05-04(7)
2024-05-03(19)
2024-05-02(0)
2024-05-01(4)
2024-04-30(1)
2024-04-29(40)
2024-04-28(0)
2024-04-27(56)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022