Eight, Nginx WEB module
1. Random homepage: random_index_module
(1) Function: micro-update
(2) Purpose: Set the homepage as a random page, which is a fine-tuning update mechanism
(3) Start random homepage:
①: Create multiple homepages: touch /app/{ blue.html,green.html,red.html,yellow.html}
②: Write different content on different pages, such as
<html>
<head>
<title>blue color</title>
</head>
<body style ="background-color:blue">
<h1>blue color!</h1>
</body>
</html>
③: Start the random homepage: vim /etc/nginx/conf.d/default.conf
server{
location / {
#root /usr/share/nginx/html;
#index index.html index.htm;
root /app;
random_index on;
}
} 
④: Refresh the homepage and observe the changes systemctl restart nginx
⑤: Use the browser to access ip to view Webpage changes: Click F5 in the browser to see the webpage changes!
⑥: After completing the test, please comment out this function. Avoid affecting other experiments.
2. Replacement module: sub_module
(1) Purpose: Replacement of web content: If we use a template to generate a website, the code is unsatisfactory due to omissions or other reasons, but at this time because of the large number of files, it is inconvenient to regenerate all of them, then this At that time, we can use this module to temporarily implement error correction. On the other hand, we can also use this to achieve the effect of server-side text filtering.
(2) Start replacement: vim /etc/nginx/conf.d/default.conf //Start nginx default page
server {//Insert
sub_filter nginx'NIHAOSHUAI' under server{ ;
sub_filter_once on;
location / {
root /usr/ share/nginx/html;
index index.html index.htm;
} 
(3) Restart the server: systemctl restart nginx
(4) Experiment: Browser access ip:
①: Before modification: 
②: After modification: 
(5): Modify the text All of nginx! 
①: Restart the server: systemctl restart nginx
②: Visit again:
3. File reading:
(1) Module: ngx_http_core_module
(2) Syntax:
①: Syntax: sendfile on | off;
Default: sendfile on;
Context: http, server, location, if in location
②: Syntax: tcp_nopush on | off ;
Default: tcp_nopush off;
Context: http, server, location
③: Syntax: tcp_nodelay on | off;
Default: tcp_nodelay on;
Context: http, server, location
(3) Principle introduction:
①: sendfile:
Sendfile() is not used Traditional network transmission process:
hard disk >> kernel buffer >> user buffer >> kernel socket buffer >> protocol stack
Illustration: The process of
using sendfile() for network transmission:
Hard disk >> kernel buffer (fast copy to kernelsocket buffer) >> protocol stack
sendfile() can not only reduce the number of switching but also the number of copies.
③: tcp_nopush is
not used tcp_nopush() Waste of network resources: the application will send a packet every time an operation is generated, and a packet will typically have one byte of data and a 40-byte header, so 4000% The overload can easily cause network congestion. At the same time, resources are wasted
using tcp_nopush() to improve network transmission efficiency: the packets are sent after they have accumulated to a certain size.
④: tcp_nodelay
opens or closes the function of nginx using TCP_NODELAY option. This option is only enabled when the connection is converted to a persistent connection.
TCP_NODELAY is to disable the Nagle algorithm, that is, the packet is sent out immediately.
Due to Nagle and DelayedACK, the confirmation information of the data packet needs to be accumulated to two before it is sent. In the case of a long connection, the odd-numbered packet will cause a delay of 40ms, so tcp_nodelay will send the ack immediately. If you are not in a long connection, you can close this module, because the ack will be sent out immediately.
(4): Enable the module
location /video/ {
sendfile on;
tcp_nopush on;
} //Started by default without verification
4. File compression:
(1): Principle introduction: start this module to compress files before transmission to improve transmission efficiency.
(2): Module: ngx_http_gzip_module
(3): Syntax:
Syntax: gzip on | off;
Default: gzip off;
Context: http, server, location, if in location
Syntax: gzip_comp_level level;
Default: gzip_comp_level 1;(1~9)
Context: http, server, location
Syntax: gzip_http_version 1.0 | 1.1;
Default: gzip_http_version 1.1;
Context: http, server, location
(4) Observe uncompressed files:
①: Write something in a web page: dd if=/dev/zero of=/usr/share /nginx/html/2.html bs=1M count=200 //Increase the experimental effect,
②: Web access ip plus directory: F12 at the same time, open the developer mode: before compression: 
(5): Enable the compression module:
①: Write configuration: vim /etc/nginx/nginx.conf
Enable this tag in http:
http {
gzip on;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/ javascript application/x-httpd-php image/jpeg image/gif image/png;
gzip_static on; 
②: restart nginx: systemctl restart nginx
③: observe the compressed file volume:
5. Page caching:
(1): Module: ngx_http_headers_module
(2): Role: Expires plays a role in controlling page caching. Reasonable configuration of expires can reduce many server requests. Expires can be configured in the http section or the server section. Or join in the location section.
Nginx (expires cache to reduce the pressure on the server),
(3): Syntax:
Syntax: expires [modified] time;
expires epoch | max | off;
Default: expires off;
Context: http, server, location, if in location
“epoch: Specify the value of "Expires" as 1 January, 1970, 00:00:01 GMT"
max: Specify the value of "Expires" as 10 years.
-1: Specify the value of "Expires" as the current server time -1s, which means it will expire forever.
off: Do not modify the values of "Expires" and "Cache-Control".
(4): Principle introduction: no cache, every time you visit the server, it is full text transmission. Enabling cache can speed up browsing websites.
(5): Enable cache:
①: Observe browser cache:
Turn on browser cache and browse the page. (Default): The first return status code 200. Page object full text transmission, the second return status 304. Page object partial transmission.
②: Disable caching, browse the page, return code 200. Full text transmission,
③: Analyze caching principle:
④: Server cache module: vim /etc/nginx/conf.d/default.conf
location / {
root /usr/share/nginx/html
index index.html index.htm;
expires 24h;
restart the server: systemctl restart nginx
⑤: Browse the page again and observe the cache time of the server reply in the response header
: After the browser visits once, the server is not responding to the browser's request within a day
⑥: Disadvantage: The disadvantage is that the timeliness is reduced.
6.防盗链:
(1): 模块:ngx_http_referer_module
(2):语法:
Syntax: valid_referers none | blocked | server_names | string ...;
Default: —
Context: server, location
(3):日志原理介绍
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
The http_referer in the log format is the record, the URL referenced by the access point. That is, the upper-level address of the hyperlink.
Through this address, you can find a kind of network behavior-hotlink. Illegal hotlinking will affect the normal access of the site.
This can be controlled through the http_referer module. Prevent illegal hotlinking.
(4): Case:
create a a.com website:
②>mkdir a.com //create a website
③>vim /etc/nginx/conf.d/a.com.conf //modify the configuration
④>systemctl restart nginx / /Restart nginx
⑤: Write something on the homepage of a.com website:
⑥>Do local domain name resolution:
⑥>Visit:
①>mkdir b.com //Create b
website②> vim /etc/nginx/conf.d/b. com.conf //Modify the configuration
③>: compose homepage: misappropriate the content of a.com webpage:
④>: copy a.com webpage connection and write it into b.com webpage:
⑤>: click on the picture, right click to copy Picture link address,
<img src=" http://a.com/1.jpg " />
⑥>: Visit:
⑤>: Separate website log:
vim /etc/nginx/nginx.conf to
open the configuration of a.com File
(5): Enable anti-hotlinking on the a.com website:
①> vim /etc/nginx/conf/a.com.conf
②>Re-visit verification:
(6) If you want some websites to be able to use (hotlink) resources: just add a whitelist after blocked and add the websites you allow to access,
systemctl restart nginx
to verify access again
7. Connection status:
(1): Module: stub_status_module
(2): Purpose: Display information about the number of users and nginx links.
(3): Check whether the module is installed: nginx -V 2>&1 | grep stub_status 
(4): Startup status module
①: Configuration status module: vim /etc/nginx/conf.d/default.conf 
②: systemctl restart nginx
③ :Access the status module of the default site: 10.8.162.6/nginx_status 
④: Explanation: