1. Nginx virtual host configuration
1. Based on domain name
(1) Provide domain name resolution for virtual hosts
-
Configure DNS
-
Modify the /etc/hosts file
(2) Prepare web documents for virtual hosts
#创建网页目录
mkdir -p /var/www/html/abc
mkdir -p /var/www/html/def
#编写简易首页html文件
echo "<h1>welcome to www.abc.com</h1>" > /var/www/html/abc/index.html
echo "<h1>welcome to www.def.com</h1>" > /var/www/html/def/index.html
(3) Modify the nginx configuration file
(4) Check grammar and restart, access test
2. Based on domain name
(1) Add a network interface
(2) Modify the nginx configuration file
(3) Check grammar and restart, access test
3. Port-based
(1) Modify the listening port in the configuration file
(2 check syntax and restart, visit test
Four, Nginx access status statistics
cat /opt/nginx-1.12.0/auto/options can view all modules of the installed software (YES means installed)
1. First check whether the installed Nginx contains the HTTP_STUB_STATUS module
2. Modify the nginx.conf configuration file, specify the access location and add the stub_status configuration
Restore the default configuration first, then modify nginx.conf
3. Check the configuration and restart the service to test access
| Active connections : | Indicates the current number of active connections |
|---|---|
| server accepts handled requests 1 1 2 | Indicates the processed connection information. The 3 numbers successively represent the number of processed connections , the number of successful TCP handshakes , and the number of processed requests . |
You can use curl -Ls http://192.168.80.10/status to simulate access to the page and output it, and combine awk and if statements for performance monitoring.
//模拟访问并输出
[root@localhost1 conf]#curl -Ls http://192.168.116.10/status
Active connections: 1
server accepts handled requests
3 3 5
Reading: 0 Writing: 1 Waiting: 0
//获取活动连接数
[root@localhost1 conf]#curl -Ls http://192.168.116.10/status | awk '/Active/ {print $3}'
1
Five, Nginx configuration access control
1. Authorization-based access control
(1) Download dependent software, generate user password authentication files, and modify password file permissions
(2) Modify the corresponding directory of the main configuration file and add authentication configuration items
(3) Check the configuration and restart the service to test access
2. Client-based access control
deny IP/IP segment: Deny client access of a certain IP or IP segment. allow IP/IP segment: allow the client of a certain IP or IP segment to access. The rules are executed from top to bottom, and stop if they match, and do not match down.
(1) Modify the configuration file, allow the following two addresses to access, and deny other
(2) Check the configuration and restart the service to test access
