一、Nginx访问状态统计
1.1 安装Nginx
[root@promote ~]# useradd -s /sbin/nologin -M nginx
[root@promote ~]# yum -y install pcre-devel zlib-devel gcc gcc-c++ pcre make
[root@promote ~]# tar zxvf nginx-1.12.2.tar.gz
[root@promote ~]# cd nginx-1.12.2
[root@promote nginx-1.12.2]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module
[root@promote nginx-1.12.2]# make && make install
1.2 优化Nginx配置
[root@promote nginx-1.12.2]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
[root@promote nginx-1.12.2]# vim /etc/init.d/nginx
#!/bin/bash
# chkconfig: - 99 20
# description:Nginx Service Control Script
PROG="/usr/local/nginx/sbin/nginx"
PIDF="/usr/local/nginx/logs/nginx.pid"
case "$1" in
start)
$PROG
;;
stop)
kill -s QUIT $(cat $PIDF)
;;
restart)
$0 stop
$0 start
;;
reload)
kill -s HUP $(cat $PIDF)
;;
*)
echo "Usage: $0 {start|stop|restart|reload}"
exit 1
esac
exit 0
[root@promote nginx-1.12.2]# chmod +x /etc/init.d/nginx
1.3 配置Nginx配置文件
[root@promote nginx-1.12.2]# vim /usr/local/nginx/conf/nginx.conf
location /status {
stub_status on;
access_log off;
}
1.4 启动Nginx服务
[root@promote nginx-1.12.2]# service nginx start
[root@promote nginx-1.12.2]# netstat -atnp | grep "nginx"
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 12671/nginx: master
1.5 访问状态信息
- http://192.168.233.127/status
二、基于授权的访问控制
2.1 密码文件生成
[root@localhost ~]# yum -y install httpd ## 获取htpasswd命令
[root@localhost ~]# htpasswd -c /usr/local/nginx/passwd.db wlw
New password:
Re-type new password:
Adding password for user wlw
[root@localhost ~]# chown nginx /usr/local/nginx/passwd.db
[root@localhost ~]# chmod 400 /usr/local/nginx/passwd.db
2.2 Nginx配置文件修改
[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf
location / {
auth_basic "secret";
auth_basic_user_file /usr/local/nginx/passwd.db;
root html;
index index.html index.htm;
}
2.3 重启Nginx服务
[root@localhost ~]# service nginx stop
[root@localhost ~]# service nginx start
2.4 测试
- 访问192.168.233.127
- 输入密码进行登录
- 登录成功
三、Nginx虚拟主机的使用
3.1 基于域名构建虚拟主机
3.1.1 修改Nginx服务配置文件
[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf
server {
server_name www.kgc.com;
location / {
root /var/www/html/kgc;
index index.html index.php;
}
}
server {
server_name www.test.com;
location / {
root /var/www/html/test;
index index.html index.php;
}
}
3.1.2 安装dns解析服务
[root@localhost ~]# yum -y install bind
3.1.3 修改dns服务配置
- 修改dns主配置文件
[root@localhost ~]# vim /etc/named.conf
listen-on port 53 {
any; };
allow-query {
any; };
- 修改区域配置文件
[root@localhost ~]# vim /etc/named.rfc1912.zones
zone "kgc.com" IN {
type master;
file "kgc.com.zone";
allow-update {
none; };
};
zone "test.com" IN {
type master;
file "test.com.zone";
allow-update {
none; };
};
- 区域数据配置文件修改
[root@localhost ~]# cd /var/named/
[root@localhost named]# cp -p named.localhost kgc.com.zone
[root@localhost named]# cp -p named.localhost test.com.zone
[root@localhost named]# vim kgc.com.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 127.0.0.1
www IN A 192.168.233.127
[root@localhost named]# vim test.com.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 127.0.0.1
www IN A 192.168.233.127
3.1.4 配置Nginx访问页面
[root@localhost named]# cd /var/www/html/
[root@localhost html]# mkdir test
[root@localhost html]# mkdir kgc
[root@localhost html]# cd kgc/
[root@localhost kgc]# vim index.html
<h1> this is kgc </h1>
[root@localhost kgc]# cd ../test
[root@localhost test]# vim index.html
<h1>this is test</h1>
3.1.5 重启服务
[root@localhost test]# systemctl start named
[root@localhost test]# service nginx stop
[root@localhost test]# service nginx start
3.1.6 测试
3.2 基于端口构建虚拟主机
3.2.1 修改Nginx配置文件
[root@promote ~]# vim /usr/local/nginx/conf/nginx.conf
server {
listen 192.168.233.127:80;
server_name 192.168.233.127:80;
}
server {
listen 192.168.233.127:8080;
server_name 192.168.233.127:8080;
}
3.2.2 测试
- 访问192.168.233.127:80
- 访问192.168.233.127:8080
3.3 基于IP地址构建主机
3.3.1 添加配置双网卡
[root@promote ~]# cd /etc/sysconfig/network-scripts/
[root@promote network-scripts]# cp -p ifcfg-ens33 ifcfg-ens36
[root@promote network-scripts]# vim ifcfg-ens36
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens36
DEVICE=ens36
ONBOOT=yes
IPADDR=192.168.233.131
GATEWAY=192.168.233.2
NATMASK=225.255.255.0
DNS1=192.168.233.2
~
[root@promote network-scripts]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.233.127 netmask 255.255.255.0 broadcast 192.168.233.255
inet6 fe80::3dad:302:3104:ef90 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:a8:53:ce txqueuelen 1000 (Ethernet)
RX packets 563179 bytes 837263934 (798.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 103260 bytes 6462659 (6.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens36: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.233.131 netmask 255.255.255.0 broadcast 192.168.233.255
inet6 fe80::2801:3a55:2e5d:f6dc prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:a8:53:d8 txqueuelen 1000 (Ethernet)
RX packets 69 bytes 6434 (6.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 84 bytes 12882 (12.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
3.3.2 修改Nginx配置文件
[root@promote ~]# vim /usr/local/nginx/conf/nginx.conf
server {
listen 192.168.233.127:80;
server_name 192.168.233.127:80;
}
server {
listen 192.168.233.131:80;
server_name 192.168.233.131:80;
}
[root@promote ~]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@promote ~]# service nginx stop
[root@promote ~]# service nginx start
3.3.3 测试
- 访问192.168.233.127
- 访问192.168.233.131