nginx configuration and instructions
Nginx configuration and description: #Define
the user and user group that Nginx runs
user www www;
#nginx process number, it is recommended to set it equal to the total number of CPU cores.
worker_processes 4; #Definition
type of global error log, [ debug | info | notice | warn | error | crit ]
error_log ar/loginx/error.log notice; #Process
file
pid ar/runinx.pid; #One
nginx process opens the most The theoretical value of the number of file descriptors should be the maximum number of open files (the system value ulimit -n) divided by the number of nginx processes, but nginx allocates requests unevenly, so it is recommended to keep the value of ulimit -n consistent.
worker_rlimit_nofile 131072; #Working
mode and connection limit
events
{
#Reference event model, use [ kqueue | rtsig | epoll | /dev/poll | select | poll ]; The epoll model is a high-performance network I/ in the kernel of Linux version 2.6 and above The O model, if running on FreeBSD, use the kqueue model.
use epoll; #Maximum
number of connections for a single process (maximum number of connections = number of connections * number of processes)
worker_connections 65535;
} #Set
http server
http
{
include mime.types; #File extension and file type mapping table
default_type application/octet-stream; #Default file type#
charset utf-8; #Default encoding
server_names_hash_bucket_size 128; #Server The hash table size of the name
client_header_buffer_size 32k; #Upload file size limit
large_client_header_buffers 4 64k; #Set the request buffer
client_max_body_size 8m; #Set the request buffer
sendfile on; #Enable the efficient file transfer mode, the sendfile instruction specifies whether nginx calls the sendfile function to output File, set to on for common applications. If it is used for applications such as downloading and other applications with heavy disk IO load, it can be set to off to balance the processing speed of disk and network I/O and reduce the load of the system. Note: If the picture is not displayed properly, change this to off.
autoindex on; #Enable directory list access, suitable for download servers, closed by default.
tcp_nopush on; #Prevent network blocking
tcp_nodelay on; #Prevent network blocking
keepalive_timeout 120; #Long connection timeout, in seconds
#gzip module setting
gzip on; #Enable gzip compression output
gzip_min_length 1k; #Minimum compressed file size
gzip_buffers 4 16k; #Compression buffer
gzip_http_version 1.0; #Compression version (default 1.1, If the front end is squid2.5, please use 1.0)
gzip_comp_level 2; #Compression level
gzip_types text/plain text/html text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# The compression type already contains textml by default, so there is no need to write it below, and there will be no problem in writing it, but there will be a warn.
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m; #When you want to limit the number of IP connections, you need to use
##Use the cache#
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 500;
proxy_send_timeout 500;
proxy_read_timeout 500;
proxy_buffers 32 4k;
proxy_buffering on;
proxy_temp_path /opt/nginx/nginx_cache/proxy_temp_dir;
proxy_cache_path /opt/nginx/nginx_cache/proxy_cache_dir levels=1:2 keys_zone=cache_one:200m inactive=30m max_size=8g;
#
log_format new_log ' $upstream_cache_status $host$uri$is_args$args $remote_addr - $args - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
upstream boce.gjp.com {
#Upstream load balancing, weight is the weight, which can be defined according to the machine configuration. The weight parameter represents the weight, and the higher the weight, the greater the probability of being assigned. jvm_route synchronization, srun_id: name set in tomcat
; fail_timeout: timeout;
server 192.168.10.45:8080 weight=3 max_fails=2 fail_timeout=15s srun_id=jvm45;
server 192.168.10.46:8080 weight=10 max_fails=2 fail_timeout=15s srun_id =jvm46;
jvm_route $cookie_JSESSIONID|sessionid reverse;
check interval=3000 rise=2 fall=5 timeout=1000;
} #Virtual
host configuration
server
{
#Listening port
listen 80; #There
can be multiple domain names, separated by spaces
server_name boce.gjp.com, gjp.com;
index index.html index.htm ;
root /data/www/jsp;
location ~ .*.(jsp|do)?$
{
proxy_next_upstream http_502 http_504 error timeout invalid_header;
proxy_cache cache_one;
proxy_cache_valid 200 304 1d;
proxy_cache_valid any 1d;
proxy_cache_key $host$uri$is_args$args;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http:// boce.gjp.com
# proxy_pass http://192.168.10.45:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host:$server_port;
index index.html index.jsp login.jsp index.htm;
#proxy_redirect off;
expires 1d;
}
#图片缓存时间设置
location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 10d;
}
#JS and CSS cache time settings
location ~ .*.(js|css)?$
{
expires 1h;
}
#Log Format setting
log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for'; #Define
the access log of this virtual host
access_log ar/ loginx/ha97access.log access; #Enable
reverse proxy for "/"
location / {
proxy_pass http://boce.gjp.com
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
#The back-end web server can obtain the user's real IP through X-Forwarded-For
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #The
following are some reverse proxy configurations, optional.
proxy_set_header Host $host;
client_max_body_size 10m; #Maximum number of bytes of a single file allowed by the client request
client_body_buffer_size 128k; #The maximum number of bytes that the buffer proxy buffers the client request,
proxy_connect_timeout 90; #nginx connects to the backend server and the timeout time ( Proxy connection timeout)
proxy_send_timeout 90; #Backend server data return time (Proxy send timeout)
proxy_read_timeout 90; #After the connection is successful, the backend server response time (proxy receive timeout)
proxy_buffer_size 4k; #Set the proxy server (nginx) to save the user Header buffer size
proxy_buffers 4 32k; #proxy_buffers buffer, the average web page is set below 32k
proxy_busy_buffers_size 64k; #Buffer size under high load (proxy_buffers*2)
proxy_temp_file_write_size 64k;
#Set the size of the cache folder, if it is larger than this value, it will be transmitted from the upstream server
} #Set
the address for viewing Nginx status
location /NginxStatus {
stub_status on;
access_log on;
auth_basic "NginxStatus";
auth_basic_user_file confpasswd;
#htpasswd file content can be Generated with the htpasswd tool provided by apache.
}
#All static files are read directly by nginx without tomcat or resin
location ~ .*.(htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc |ppt|pdf|xls|mp3|wma)$
{ expires 15d; }
location ~ .*.(js|css)?$
{ expires 1h; }
}
}
More detailed configuration instructions: https://www.nginx.com /resources/wiki/
Prevent domain names from being maliciously resolved:
server {
listen 80 default_server;
server_name wwww.test.com www.test2.com;
return 444;
}
Guess you like
Origin http://43.154.161.224:23101/article/api/json?id=326435373&siteId=291194637
Recommended
Ranking