Comprehensive architecture website service-nginx module function introduction
Code overview:
nginx -t -- 检查语法
curl -Lv www.moox.com -- 跟踪显示详细信息
00. Description:
- nginx serves some common applications (module functions)
- Website page directory index-autoindex
- Website page character modification-charset
- Website page alias function-server_name
- Website status information page-status
- Website service log file-error log-error.log
- Website service log file-access log-access.log
- Website service matching function-location
- The website realizes the jump function-rewrite
- Summary review
01. Review above:
nginx website build configuration and visit https://www.cnblogs.com/moox/p/12726926.html
- Use nginx to build a single website
- Use nginx to build multiple websites.
Try to have a separate virtual host configuration file for
each website. Each website has a separate site directory. - Use nginx to configure security control
According to the domain name address accessed by the user www.moox.com/Av access module (deny, allow) --403
Authentication and authentication module based on user access (hppasswd) - Website service access method
Based on domain name access
Based on address access
02. Nginx enterprise practice application
1) Use nginx service to build a website file sharing server
Web page directory index
Nginx module function: ngx_http_autoindex_module-autoindex instruction
write configuration file (www.conf)
/etc/nginx/mime.types
## 用法:
Syntax: autoindex on | off;
Default:
autoindex off;
Context: http, server, location
## 配置/etc/nginx/conf.d/www.conf
server {
listen 80;
server_name www.oldboy.com;
location / {
root /html/www;
# index默认使用index.html,只删除此处的index.html是没用的
#index index.html index.htm;
auth_basic "oldboy-sz-01";
auth_basic_user_file password/htpasswd;
autoindex on; --- 开启nginx站点目录索引功能
}
}
systemctl reload nginx
mv index.html index.html.bak
mkdir CentOS{6.7,6.8,6.9,7.0}
for id in {6.7,6.8,6.9,7.0};do echo this is a CentOS $id version. can not be download.> CentOS$id/version.txt;done;
for id in {6.7,6.8,6.9,7.0};do echo this is a CentOS $id version. can be download.> CentOS$id/version.php;done;
## PS:1.需要将首页文件进行删除
配置文件/etc/nginx/conf.d/www.conf
和站点目录/html/www中的index.html都要删除
Access test:
enter www.moox.html in the browser to see the effect
../
CentOS6.7/
CentOS6.8/
CentOS6.9/
CentOS7.0/
----------------------------
../
version.php -- 点击时自动下载文件
version.txt -- 点击时显示文件内容
## PS 2. /etc/nginx/mime.types媒体资源类型文件作用
文件中有的(如txt)扩展名信息资源, 进行访问时会直接看到数据信息
文件中没有的(如php)扩展名信息资源, 进行访问时会直接下载资源
[root@web01 nginx]# grep -E "php|txt" mime.types
text/plain txt;
## 可修改/etc/nginx/mime.types使php成为可查看,但不建议,有坑
text/plain txt php;
Website page character modification
Website page directory data, garbled characters appear in Chinese, how to solve:
location / {
root /html/www;
#index index.html;
auth_basic "oldboy-sz-01";
auth_basic_user_file password/htpasswd;
autoindex on;
charset utf-8; --- 修改目录结构中出现的中文乱码问题
}
2) Use the nginx service to take the configuration file alias function
Website page alias function
The first journey: writing configuration files
/etc/nginx/conf.d/www.conf
server_name www.moox.com moox2020.com;
systemctl reloadn nginx
The second course: Configure the analysis information
Added moox.com analysis to the hosts file in Windows
10.0.0.7 www.moox.com blog.moox.com bbs.moox.com moox2020.com
effect:
- Write a website access test-use a short domain name to facilitate testing
- Locate the web server you want to visit-with multiple servers, different domain names make it easy to locate
3) Use the nginx status module function to monitor the website
Status module: ngx_http_stub_status_module
location = / basic_status {
stub_status;
}
The first journey: write the configuration file
[root @ web01 conf.d] # vim status.conf
server {
listen 80;
server_name status.moox.com;
stub_status;
}
The second process: restart the nginx service, and write the analysis file
systemctl reload nginx
10.0.0.7 status.moox.com
Site status page information
The third course: website monitoring and testing , browser status.moox.com, display
Active connections: 1
server accepts handled requests
70 70 97
Reading: 0 Writing: 1 Waiting: 0
The displayed content can also be extracted in Linux
## 增加域名解析
[root@web01 conf.d]# cat /etc/hosts
...
172.16.1.7 status.moox.com
...
## curl 访问
[root@web01 conf.d]# curl status.moox.com
Active connections: 1
server accepts handled requests
74 74 137
Reading: 0 Writing: 1 Waiting: 0
Explanation:
Active connections: the number of active connections can be set to 4000 users, the threshold is 3500
accepts: the total number of connections received (integrated) TCP connections
handled: the number of connections processed (integrated) TCP connections
requests: the total number of requests HTTP protocol requests
Reading: nginx service reads the number of request messages 100 people ordering.Writing
: nginx service responds to the number of message information 100 people responds.
Waiting: nginx queue mechanism to be processed (read or respond to save to save) Main monitoring items
4) nginx log function configuration
Error log: /var/log/nginx/error.log --- Core functionality
access log: /var/log/nginx/access.log ngx_http_log_module
nginx log directory / var / log / nginx exists in Zhizhi automatic packaging and cutting because of log rotation training files
[root@web01 nginx]# ll /var/log/nginx
total 52
-rw-r----- 1 www adm 24583 Apr 18 22:15 access.log
-rw-r----- 1 nginx adm 687 Apr 17 10:09 access.log-20200417.gz
-rw-r----- 1 www adm 5429 Apr 18 15:23 access.log-20200418
-rw-r----- 1 www adm 1233 Apr 18 21:38 error.log
-rw-r----- 1 nginx adm 726 Apr 17 10:08 error.log-20200417.gz
-rw-r----- 1 www adm 2721 Apr 18 15:23 error.log-20200418
[root@web01 nginx]# ll /etc/logrotate.d/nginx
-rw-r--r-- 1 root root 351 Aug 13 2019 /etc/logrotate.d/nginx
Web service log files-error logs
-
Error log: /var/log/nginx/error.log --- Core functionality
Syntax: error_log file [level]; Specify the error log path and the level of error logging level
Default: error_log logs / error.log error;
Context: main , http, mail, stream, server, locationIn
/etc/nginx/nginx.confthe specified error level[root@web01 nginx]# cat /etc/nginx/nginx.conf user www; worker_processes 1; error_log /var/log/nginx/error.log warn; --- 指定错误级别及默认路径 pid /var/run/nginx.pid;Error level:
debug :调试级别, 服务运行的状态信息和错误信息详细显示 信息越多 info :信息级别, 只显示重要的运行信息和错误信息 notice :通知级别: 更加重要的信息进行通知说明 warn :警告级别: 可能出现了一些错误信息,但不影响服务运行 error :错误级别: 服务运行已经出现了错误,需要进行纠正 推荐选择 crit :严重级别: 必须进行修改调整 alert :严重警告级别: 即警告,而且必须进行错误修改 emerg :灾难级别: 服务已经不能正常运行 信息越少
Web service log file-access log
- Default access log: /var/log/nginx/access.log ngx_http_log_module
[root@web01 nginx]# cat /etc/nginx/nginx.conf
## 默认访问日志部分
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' ##定义日志内容格式
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main; ##调用日志格式
$remote_addr 显示用户访问源IP地址信息
$remote_user 显示认证的用户名信息
[$time_local] 显示访问网站时间
"$request" 请求报文的请求行信息
$status 用户访问网站状态码信息
$body_bytes_sent 显示响应的数据尺寸信息
$http_referer 记录调用网站资源的连接地址信息(防止用户盗链)
老男孩nginx---access.log---莫文杰(荒原饮露---老男孩图片链接)---http_referer(链接)
$http_user_agent 记录用户使用什么客户端软件进行访问页面的 (谷歌 火狐 IE 安卓 iphone)
$http_x_forwarded_for ??? 负载均衡
- Custom website access log
## 根据自己的网站自定义访问日志,如只统计www的访问日志
[root@web01 nginx]# cat conf.d/www.conf
server{
listen 80;
server_name www.moox.com moox2020.com;
access_log /var/log/nginx/www_access.log main; ## 定义访问日志
location /{
root /html/www;
#index index.html index.htm;
auth_basic "please input passwd";
auth_basic_user_file password/htpasswd;
autoindex on;
charset utf-8;
}
location /AV {
deny 10.0.0.0/24;
allow 172.16.1.0/24;
#root /html/www;
#index index.html index.htm;
}
}
### 重启nginx服务
[root@web01 nginx]# systemctl reload nginx
# 浏览器访问 www.moox.com, 查看www.access.log的变化
[root@web01 nginx]# tail -f /var/log/nginx/www.accesslog
10.0.0.1 - oldboy [19/Apr/2020:15:23:27 +0800] "GET /CentOS6.7/ HTTP/1.1"
200 399 "http://moox2020.com/"
"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36" "-"
## 对应关系---------------------------------------------------------------------------
'$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
- PS: The log file information needs to be processed by several G
5) Description of the role of nginx service location
Website service elegant display function-location
Module description: ngx_http_core_module
location for matching (uri)
error page is displayed gracefully
- Error pages display gracefully
location /oldboy {
root /html/www;
error_page 404 /moox.jpg; -- 当访问页面出现404时,显示站点目录下的moox.jpg
}
location /oldgirl {
root /html/www;
error_page 404 /oldgirl.jpg;
}
## 效果测试
[root@web01 www]# cd /html/www
[root@web01 www]# ll
drwxr-xr-x 2 root root 22 Apr 19 16:29 moox
-rw-r--r-- 1 root root 12062 Apr 19 16:26 moox.jpg
[root@web01 moox]# mkdir /html/www/moox
[root@web01 moox]# cd /html/www/moox
[root@web01 moox]# ll
-rw-r--r-- 1 root root 777835 Apr 19 16:23 test.jpg
## 浏览器访问 www.moox.com/moox/test.jpg -- 正常
## 浏览器访问 www.moox.com/moox/test22222.jpg -- 由于没有test22222.jpg,发生404错误,优雅显示指定内容:/html/www/moox.jpg
Website service matching function-location
Location detailed configuration:
## 语法
Syntax: location [ = | ~ | ~* | ^~ ] uri { ... }
location @name { ... }
Default: —
Context: server, location
## 配置方法:
location = / { --- 精确匹配 优先级01 最高
[ configuration A ]
}
location / { --- 默认匹配 优先级04 最低
[ configuration B ]
}
location /documents/ { --- 按照目录进行匹配 优先级03
[ configuration C ]
}
location ^~ /images/ { --- 优先匹配/不识别uri信息中符号信息 优先级02
[ configuration D ]
}
location ~* \.(gif|jpg|jpeg)$ { --- 不区分大小写进行匹配 优先级03
[ configuration E ]
}
## 实例配置
vim /etc/nginx/conf.d/test_location.conf
[root@web01 conf.d]# cat /etc/nginx/conf.d/test_location.conf
server{
listen 80;
server_name test.moox.com;
location = / { ## 浏览器访问 test.moox.com
return 404;
}
location / { ## 浏览器访问 test.moox.com/mm
return 403;
}
location /documents/ { ## 浏览器访问 test.moox.com/documents/
return 501;
}
location ^~ /images/ { ## 浏览器访问 test.moox.com/images/
return 502;
}
location ~* \.(gif|jpg|jpeg)$ { ## 浏览器访问 test.moox.com/xx.gif
return 500;
}
}
## 测试效果:
1.Windows hosts解析:10.0.0.7 www.moox.com test.moox.com
2.浏览器访问 test.moox.com
6) Use nginx to achieve page jump function
The website realizes the jump function-rewrite
Using the rewrite module is a jump function: http_rewrite_module
realizes the function of curl moox.com to jump to www.moox.com
- Grammatical explanation
Syntax: rewrite regex replacement [flag]; rewite 匹配的正则信息 替换成什么信息
Default: —
Context: server, location, if
rewrite www.oldboy.com/(.*) http://www.oldboy.com/$1 permanent; 重写规则配置
^/(.*) $1 指代前半部分的(.*)
baidu.com/oldboy.html跳转到ww.baidu.com/oldboy.html 跳转方式
-
Jump mode:
Permanent Jump: permanent 301 clients will jump information is cached , again directly accessing client Jump
temporary Jump: redirect 302 client does not cache jump information, or again when accessing services End jump -
How to solve the infinite jump:
Due to the permanent jump, the client will cache the server's jump address.
When the server's address changes, the address accessed by the client will not change.
Solution: 1. The client needs to clear the cache 2. Server processing
## 第一种方法: 利用不同server区块配置打破循环,单独的server
server {
server_name oldboy.com;
rewrite ^/(.*) http://www.moox.com/$1 permanent;
}
## 第二种方法: 利用if判断实现打破循环,放在server或location中,不使用单独的server
if ($host ~* "^moox.com$") {
rewrite ^/(.*) http://www.moox.com/$1 permanent;
}
www.oldboy.com/oldboy01/oldboy02/oldboy.jpg --- www.oldboy.com/oldboy.jpg
Extended exercises:
- Use the command to retrieve the value in the status page information
- Build LNMP environment database service / php service