1.三个参数
a)$http_referer:记录此次请求是从哪个链接访问过来的:
是直接访问,还是从其他网站跳转过来的.
例如:访问:http://www.etiantian.com/,其页面首页是index.html
<h1>www-10.0.0.8:80</h1>
<a href="www.qingfeng.com" target="_blank"><img src="123.jpg""></a>
点击a标签,在www.qingfeng.com(10.0.0.7)上观察日志,可得:此次请求是从www.etiantian.com而来.
- 10.0.0.1 - - [25/Dec/2018:03:44:43 +0800] GET / HTTP/1.1200 16 http://www.etiantian.com/
"Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0"
b)$http_x_forwarded_for和$remote_addr
nginx作为web服务器,想要记录客户端真实IP,需要在自身配置文件中设置此参数:
$http_x_forwarded_for,同时也必须在前端代理服务器的配置文件中添加:
proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
日志格式中添加$http_x_forwarded_for $remote_addr,如: log_format main '$http_x_forwarded_for $remote_addr $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_cookie" $host $request_time';
此时web服务器的日志中$http_x_forwarded_for就是客户端真实IP,$remote_addr是代理服务器IP,
而代理服务器上的$http_x_forwarded_for为空,$remote_addr为客户端IP,所以可得:
$remote_addr是直接访问服务器的IP.
2.nginx日志切割
mkdir /server/scripts cat /server/scripts/cut_nginx_log.sh #!/bin/bash cd /application/nginx/logs/ /bin/mv www_access.log www_access_$(date +%F).log # 让进程释放日志文件 /application/nginx/sbin/nginx -s reload crontab -e 59 23 * * * /bin/sh /server/scripts/cut_nginx_log.sh
3.location匹配规则
语法规则:location [=|~|~*|^~] /uri/ { … },优先级:
第一名:"location =/{...}" 精确匹配/
第二名:"location ^~ /images/{...}" 匹配常规字符串,不做正则匹配检查
第三名:"location ~*\.(gif|jpg|jpeg)${...}" 正则匹配
第四名:"location /document/{...}" 匹配常规字符串,如果有正则就优先匹配正则
第五名:"location /{...}" 所有location都不能匹配后的默认匹配
cat www.conf
server {
listen 80;
server_name www.etiantian.com etiantian.com;
access_log logs/www_access.log main;
location / {
return 401;
}
location = / {
return 402;
}
location /document/ {
return 403;
}
location ^~ /images/ {
return 404;
}
location ~* \.(gif|jpg|jpeg)$ {
return 500;
}
}
# = 等号--优先级最高
curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.com
402
# / 通用匹配--任何请求都会匹配到
curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.com/index.html
401
# 下面的例子说明了--优先匹配正则这一规则
curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.com/document/1.jpg
500
curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.com/document/index.html
403