2.5 配置静态文件不记录日志并添加过期时间
2.5.1配置
#vi /usr/local/nginx/conf/vhost/test.com.conf
server
{
listen 80;
server_name test.com test1.com test2.com;
index index.html index.htm index.php;
root /data/nginx/test.com;
if ($host != 'test.com' ) {
rewrite ^/(.*)$ http://test.com/$1 permanent;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 7d;
access_log off;
}
location ~ .*\.(js|css)$
{
expires 12h;
}
access_log /tmp/1.log combined_realip;
}
#/usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
#echo "11111" > /data/nginx/test.com/1.js
//创建js文件
#echo "22222" > /data/nginx/test.com/2.jpg
//创建jpg文件
#touch /data/nginx/test.com/1.jss
//创建一个对比的文件
2.5.2检验测试
#curl -I -x127.0.0.1:80 test.com/1.js
状态码200
#curl -I -x127.0.0.1:80 test.com/2.jpg
状态码200
#curl -I -x127.0.0.1:80 test.com/1.jss
状态码200
#cat /tmp/1.log
查看日志
2.5.3测试成功
2.6 Nginx防盗链
2.6.1配置
#vi /usr/local/nginx/conf/vhost/test.com.conf
server
{
listen 80;
server_name test.com test1.com test2.com;
index index.html index.htm index.php;
root /data/nginx/test.com;
if ($host != 'test.com' ) {
rewrite ^/(.*)$ http://test.com/$1 permanent;
}
location ~* ^.+\.(gifljpglpng|swf|flv|rar|zipldoclpdf|gz|bz2ljpeglbmplxls)$
{
expires 7d;
valid_referers none blocked server_names *. test.com ;
if ($invalid_referer) {
return 403;
}
access_log off;
}
#/usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
#/usr/local/nginx/sbin/nginx -s reload
2.6.2检验测试
#curl -x127.0.0.1:80 -e "http://test.com/1.txt" test.com/2.jpg -I
状态码200
#curl -x127.0.0.1:80 -e "http://aaa.com/1.txt" test.com/2.jpg -I
状态码403
2.6.3测试成功
2.7 访问控制
2.7.1配置
#vi /usr/local/nginx/conf/vhost/test.com.conf
server
{
listen 80;
server_name test.com test1.com test2.com;
index index.html index.htm index.php;
root /data/nginx/test.com;
location /admin/
{
allow 192.168.188.1;
allow 127.0.0.1;
deny all;
}
}
//使访问admin目录下只允许192.168.188.1和127.0.0.1访问
#mkdir /data/nginx/test.com/admin
#echo "123" > /data/nginx/test.com/admin/1.html
2.7.2检验测试
#curl -x127.0.0.1:80 test.com/admin/1.html
123
#curl -x192.168.188.128:80 test.com/admin/1.html
状态码403
2.7.3测试成功
2.8 Nginx解析PHP
2.8.1配置
#vi /usr/local/nginx/conf/vhost/test.com.conf
server
{
listen 80;
server_name test.com test1.com test2.com;
index index.html index.htm index.php;
root /data/nginx/test.com;
if ($host != 'test.com' ) {
rewrite ^/(.*)$ http://test.com/$1 permanent;
}
location ~ \. php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/nginx/test.com$fastcgi_script_name;
}
access_log /tmp/1.log combined_realip;
}
//fastcgi_pass用来指定php-fpm的地址