1. Modify before compiling and installing nginx: In the installation package directory
vim src/core/nginx.h //# does not represent a comment
#define nginx_version 1009009 //Software version number
#define NGINX_VERSION "1.9.9" //version number
#define NGINX_VER "nginx/" NGINX_VERSION //software program name
vim src/http/ngx_http_header_filter_module.c //Hide version information, request header
//Search for NGINX_VER
staticchar ngx_http_server_string[] = "Server: nginx" CRLF;改成
staticchar ngx_http_server_string[] = "hello"
vim src/http/ngx_http_special_response.c //Hide version information, corresponding header
//Search for NGINX_VER
"<hr><center>"NGINX_VER"</center>" CRLF 改成
"<hr><center>hello</center>" CRLF
安装依赖:yum install -y gcc gcc-c++ autoconf pcre-devel automake zlib zlib-devel openssl-devel
编译:./configure --prefix=/usr/local/nginx --with-http_dav_module --with-http_stub_status_module --with-http_addition_module --with-http_sub_module --with-http_flv_module --with-http_mp4_module --with-pcre=/usr/local/src/pcre-8.37
安装:make -j 2 && make install
启动:/usr/local/nginx/sbin/nginx
Check if the startup is successful (listening on port 80): netstat -lntup
Disable firewall and selinx
2. Tuning:
Master process (root): The main purpose is to generate and destroy worker processes and generate logs, and they do not process requests themselves.
Running process (worker process: nobody): mainly responsible for accepting user requests.
vim /usr/local/nginx/conf/nginx.conf //Configuration file
#If you change the user group of nginx, open #user nobody; change nobody, it is recommended not to change
worker_processes 1; //Number of running threads, it is recommended to change the number to auto
worker_cpu_affinity 00000001 ~~~~~~01000000 //The cpu is bound to the 1-7 core cup, it is recommended not to add
worker_rlimit_nofile 1024 //The default number of files opened by a worker process, the default is 1024
events { //Define events,
use epoll //event model, it is best to use the epoll model in linux
worker_connections 1024; //A worker process can correspond to the maximum number of concurrent
accept_mutex_delay 60; //The time for a worker process to reject other requests when accepting a request, use it carefully
accept_mutex on //Whether to open the load balancing lock. When using nginx as a load balancer, if it is turned on, multiple worker processes can be connected to the client in turn to truly become a load balancer. Otherwise, one process has been processing load balance while the others are idle.
}
http{
include mime.types;
default_type application/octet-stream;
//These two lines load media formats, such as css, js, etc., must be
----------------------------------------------------------------------------------
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
//Define the log format, which can be turned on
----------------------------------------------------------------------------------
sendfile on;
//Enable high-efficiency file transfer mode The sendfile command specifies whether ngnix is called. With the following, it needs to be turned on
#tcp_nopush on;
----------------------------------------------------------------------------------
keepalive _timeout 65; //Persistent link
tcp_nodelay on;
client_header_timeout 15; //Timeout for client request header reading
client_body_timeout 15; //Timeout time for body request to read
send_timeout 15
//These options keep the persistent link
----------------------------------------------------------------------------------
#gzip on;
//Whether to enable compression, the range of compression needs to be configured
gzip_min_length 1k; //The size of the compressed file, the file larger than 1k will be compressed, and the smaller will be compressed more and more
gzip_buffers 4 32k; //buffer size, 4 segments, 32k per segment
gzip_http_version 1.1; //Compressed version, the default is 1.1, don't write this line
gzip_comp_level 5; //Compression level, ranging from 1 to 9, generally written to 4 or 5
gzip_types image/png text/html text/xml application/javacript; //Compressed file type
gzip_vary on; //Start the front-end cache service
----------------------------------------------------------------------------------
client_max_body_size 10m //Upload size limit, the maximum is 10m, generally not used, limit in php
----------------------------------------------------------------------------------
}
server {
----------------------------------------------------------------------------------
listen 80; //listen port
Writing: listen port; and listen ip:port (Note: port is the port)
----------------------------------------------------------------------------------
server_name; //server name
Writing: www.baidu.com *.baidu.com www.* ~^.*\.baidu\.com$ (regular) default_server
----------------------------------------------------------------------------------
location writing
= //exact match
^~ //The first half of the URI matches
~ //Regular expression matching, case sensitive
~* //Regular expression matching, case insensitive
location / { // root
root html; //website root directory
index index.html index.php index.htm;
}
----------------------------------------------------------------------------------
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
//配置错误页面和状态码
----------------------------------------------------------------------------------
proxy_pass //重定向,写在server里,如:
location / {
proxy_pass http://www.sina.com; //这样用比较少
}
//健康的
location / {
proxy_pass http://192.168.31.223;
porxy_set_header Host $host;
porxy_set_header X-Real-IP $remote_addr;
}
//在要访问的机器上配置(httpd服务)
vim /etc/httpd/conf/httpd.conf
//搜索LogFormat
%h改%{X-Real-IP}i
//搜索combined检查是否调用combined
重启httpd
----------------------------------------------------------------------------------
}
//缓存
proxy_cache_path /tmp/nginxcache levels=1:2 keys_zone=hello:10m;
/tmp/nginxcache //缓存路径
levels=1:2 //目录层级,第一级目录为一个字符,第二级目录为两个字符,一个冒号为两层,两个冒号为三层,如:1:2:3
keys_zone=hello:10m //从内存中取10m空间命名为hello
proxy_cache_methods GET HEAD; //缓存的格式
proxy_cache_min_uses 1; //设置为1的时候为这个资源启用一次开始缓存,设置为2时为启用两次时开始缓存
proxy_cache_revalidate on; //有效期验证
proxy_cache_use_stale error timrout; //如果缓存过期了,就去后端请求
proxy_cache_valid 200 1d; //缓存时间设置,200的状态码缓存一天
proxy_connect_timeout 30s; //缓存超时时间
proxy_hide_header; //隐藏http首部,可不配置
proxy_buffer_size 8k; //加速响应
proxy_cache_bypass $http_authorization //对哪些内容不要缓存,对http认证的内容不缓存
//设置好以后需在server内的location内引用
proxy_cache hello;
----------------------------------------------------------------------------------
upstream backend{
server ip:端口 max_fails(检测次数)=3 fail_timeout 30s;
}
//配置upstream后在server下的location下的proxy_pass改为
porxy_pass http://backend;
----------------------------------------------------------------------------------