Nginx enterprise-level optimization

Others 2019-09-13 14:13:30 views: null

A. Configure Nginx hide the version number

[root@localhost ~]# curl -I 192.168.200.111
HTTP/1.1 200 OK
Server: nginx/1.16.1    //Nginx版本号
Date: Fri, 13 Sep 2019 02:20:55  GMT
Content-Type: text/html; charset=utf-8
Content-Length: 612
Last-Modified: Fri, 13 Sep 2019 01:54:04 GMT
Connection: keep-alive
ETag: "5d7af6bc-264"
Accept-Ranges: bytes

Hiding

1. Modify the source package (prior to installation)

[root@localhost ~]# tar xf nginx-1.16.1.tar.gz -C /usr/src/

[root@localhost ~]# useradd -M -s /sbin/nologin nginx

[root@localhost ~]# vim /usr/src/nginx-1.16.1/src/core/nginx.h

#Define NGINX_VERSION 13 " 8.15.45 "
14 #define NGINX_VER " chenyu /" NGINX_VERSION  two positions changed the name and version number you want

[root@localhost ~]# yum -y install pcre-devel zlib-devel openssl-devel gcc gcc-c++ make

[root@localhost ~]# cd /usr/src/nginx-1.16.1/

[root@localhost nginx-1.16.1]./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module --with-http_ssl_module --with-http_flv_module --with-http_gzip_static_module && make && make install

[root@localhost nginx-1.16.1]# ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/

[root@localhost nginx-1.16.1]# nginx

[root@localhost nginx-1.16.1]# curl -I 192.168.200.111
HTTP/1.1 200 OK
Server: chenyu/8.15.45   //修改成功
Date: Fri, 13 Sep 2019 02:32:11 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Fri, 13 Sep 2019 02:30:34 GMT
Connection: keep-alive
ETag: "5d7aff4a-264"
Accept-Ranges: bytes

2. modify the configuration file (after installation)

[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf

Add http {} in sever_tokens OFF;  
[the root @ localhost ~] # Nginx -t
Nginx: Configuration File The syntax /usr/local/nginx/conf/nginx.conf IS OK
Nginx: Configuration File / usr / local / Nginx / conf / nginx.conf the Test iS successful
[root @ localhost ~] # killall -HUP nginx
[root @ localhost ~] # curl the -I 192.168.200.111
HTTP / 1.1 the OK 200
Server: nginx modified after the installation is complete // version can not be modified No 
a Date: Fri, 13 Sep 2019 02:35:53 GMT
Content-Type: text / HTML
Content-the Length: 612
Last-Modified: Fri, 13 Sep 2019 02:30:34 GMT
Connection: the Keep-Alive
the ETag: "5d7aff4a -264 "
the Accept-Ranges: bytes

II. Nginx modify users and groups

1. Compile specified during installation

[root@localhost ~]# useradd -M -s /sbin/nologin nginx

[root@localhost nginx-1.16.1]./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module --with-http_ssl_module --with-http_flv_module --with-http_gzip_static_module && make && make install

2. modify the configuration file

[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf

2 user nginx nginx;

[root@localhost ~]# ps aux |grep nginx
root 4715 0.0 0.1 46100 1952 ? Ss 10:32 0:00 nginx: master process nginx
nginx 4803 0.0 0.2 48624 2340 ? S 10:35 0:00 nginx: worker process
root 4975 0.0 0.0 112724 996 pts/0 R+ 10:54 0:00 grep --color=auto nginx

III. Configure Nginx web caching time

Nginx When the Web page data back to the client, caching time, to facilitate later returned directly when a request for the same content

Can modify the configuration file, in http segment, or segments server, location or section added to specific content Expiration

A Case Study in picture

[root @ localhost HTML] # LN -s /usr/local/nginx/conf/nginx.conf /etc/nginx.conf  main configuration file is too long, so I created a connection strip

[root@localhost html]# vim /etc/nginx.conf

  location ~ \.(jpg|jpeg|gif)$ {
  expires 1d;
  }

[root@localhost html]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost html]# killall -HUP nginx

[root @ localhost HTML] # vim /usr/local/nginx/html/index.html    // at / body> before the addition of the following sentence reference picture

  <img src="linux.jpg"/>

 

 

 Set up, buffer time is 1 day

IV. Realized Nginx log cutting

[root@localhost ~]# vim fenge.sh

#!/bin/bash

= $ Data (-d DATE "Day -1" "the Y +% m% D%")                 // day before time
logs_path = "/ usr / local / Nginx / logs"                 // log storage position
pid_path = "/ usr /local/nginx/logs/nginx.pid "               // pid file
[-d $ logs_path / BAK] || mkdir -p $ logs_path / BAK          // determine whether there is a backup directory
iF [-f $ pid_path]; the then                      // Analyzing
Music Videos logs_path $ / $ logs_path the access.log / bak / Data access.log- $      // log file is packaged in previously bak time of day in the name of
the kill -USR1 $ ($ pid_path CAT)                // new log
+30 -mtime $ logs_path the Find | xargs RM -f          // delete command 30 days before
the else
echo "Error, Nginx iS not Working!" | TEE -a / var / log / messages    // If you do not run or fails output and added to the system log

be

[the root @ localhost ~] # tail -f /usr/local/nginx/logs/access.log
192.168.200.111 - - [13 is / On Sep / 2019: 10: 32:. 11 +0800] "the HEAD / the HTTP / 1.1" 200 is 0 "-" "curl / 7.29.0"
192.168.200.111 - - [13 is / On Sep / 2019: 10: 35: 53 is +0800] "the HEAD / the HTTP / 1.1" 200 is 0 "-" "curl / 7.29.0" // test log generated before     

[root @ localhost ~] # bash fenge.sh
[root @ localhost ~] # CAT /usr/local/nginx/logs/access.log    // After running the script log is empty
[root @ localhost ~] # cd / usr / local / nginx / logs /
[root @ localhost logs] # LS                                                   
access.log BAK error.log nginx.pid                                      // generate a backup directory
[root @ localhost logs] # cd BAK        
[root @ localhost BAK] # LS
access.log -20190912   // backup file is generated                                                       
[the root @ localhost BAK] # CAT-20,190,912 the access.log
192.168.200.111 - - [13 is / On Sep / 2019: 10: 32:. 11 +0800] "the HEAD / the HTTP / 1.1" 200 is 0 "-" "curl / 7.29.0"
192.168.200.111 - - [13 is / On Sep / 2019: 10: 35: 53 is +0800] "the HEAD / the HTTP / 1.1" 200 is 0 "-" "curl / 7.29.0" // backup log to the log previously generated

[root @ localhost BAK] # cd
[root @ localhost ~] # chmod + the X-fenge.sh  to add execute permissions on script 0:00 every day to perform
[root @ localhost ~] # crontab -e

0 0 * * * /root/fenge.sh

V. Nginx configuration to achieve link timeout

 

VI. Change the number of processes running Nginx

 

VII. Configuring Nginx web page compression to achieve

 

VIII. Configuring Nginx achieve security chain function

 

IX. FPM modules for parameter optimization

 

Ten .Nginx add access control to directory

 

XI. Custom Error Pages

 

XII. Automatic indexing

 

XIII. Separation end mobile phones and computer terminals by UA

 

Fourteen .Nginx smooth upgrade version

 

Guess you like

Origin www.cnblogs.com/zhiyuan-yu/p/11516538.html
Recommended
The United States plans to restrict the export of large AI models to China and Russia
Apple to reach agreement with OpenAI to bring ChatGPT to iPhone
Ranking
whisper-webui installation tutorial is silky and easy to use
[Base] Laravel concepts laravel basis, the custom service provider: Contracts, ServiceContainer, ServiceProvider, Facades relations
Import torchvision error problem solving DLL: module not found
observer & watch & notify = pub & sub
A small turntable program [HTML + CSS + JS]
CorelDRAW 2018 shortcuts Daquan
Supervise el botón de menú para lograr un gatillo de presión prolongada
JS将时间秒转换成天小时分钟秒的字符串
RIP basic configuration
[Deleted] solution to a problem a few questions (Noip1994)
Daily
More
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)

Code World

© 2018 codetd.com