Outline
As a front-end, I think we must learn to use nginx to dry the following things:
- Acting static resources
- Setting up a Reverse Proxy (add https)
- Setting Cache
- Set log
- Smtp service deployment
- Set redis cache (selected)
Here I follow the rhythm eleven research again, the experience recorded for later reference when developing, we believe it is useful to others.
References:
Front-end engineers learn Nginx Beginners
Setting up a Reverse Proxy
Why is it called a reverse proxy? Because most of the proxy is a proxy client, and if we want a proxy server, if the reverse, as it is called reverse proxy. So we put a proxy server called a proxy reverse proxy.
nginx reverse proxy set up inside only need to use proxy_pass instructions on it. In this particular document Module ngx_http_proxy_module . Examples are as follows:
events {
# worker_connections 1024; ## Default: 1024
}
http {
server {
listen 8767;
server_name 192.168.2.32;
location / {
root /Users/zhouyang/Documents/tencent/test/local-nginx;
}
location /baidu {
proxy_pass http://www.baidu.com;
}
}
}
We execute the following command at the bash, then open 192.168.2.32:8767/baidu will automatically jump to Baidu. (Note: 192.168.2.32 here to change your ip address).
nginx -s quit // 优雅退出
nginx -c /Users/zhouyang/Documents/tencent/test/local-nginx/nginx.conf // 使用指令目录下的配置文件启动 nginx
Setting Jump
1. The jump url. The url jump is also very simple, the code can be read as follows:
events {
# worker_connections 1024; ## Default: 1024
}
http {
server {
listen 8767;
server_name 192.168.2.32;
location / {
root /Users/zhouyang/Documents/tencent/test/local-nginx;
}
location /baidu {
proxy_pass http://www.baidu.com;
}
location /yaya {
return 302 /baidu;
}
}
}
We execute the following command in bash, then open 192.168.2.32:8767/yaya, it will automatically jump to 192.168.2.32:8767/yaya, finally automatically jump to Baidu. (Note: 192.168.2.32 here to change your ip address).
nginx -s quit // 优雅退出
nginx -c /Users/zhouyang/Documents/tencent/test/local-nginx/nginx.conf // 使用指令目录下的配置文件启动 nginx
2. Skip according referer. The url jump is also very simple, the code can be changed as follows. In this particular document Module ngx_http_referer_module .
events {
# worker_connections 1024; ## Default: 1024
}
http {
server {
listen 8767;
server_name 192.168.2.32;
location / {
root /Users/zhouyang/Documents/tencent/test/local-nginx;
}
location /haha {
valid_referers none blocked server_names
*.example.com example.* www.example.org/galleries/
~\.google\.;
if ($invalid_referer = '') {
return 401;
}
}
location /baidu {
proxy_pass http://www.baidu.com;
}
location /yaya {
return 302 /baidu;
}
}
}
We execute the following command in bash, then open 192.168.2.32:8767/haha, will see a 401 Forbidden. (Note: 192.168.2.32 here to change your ip address).
Note: nginx based matching valid_referers listed, if the internal variables are automatically assigned $ invalid_referer match the empty string, if it does not match the string is automatically assigned to '1'.
nginx -s quit // 优雅退出
nginx -c /Users/zhouyang/Documents/tencent/test/local-nginx/nginx.conf // 使用指令目录下的配置文件启动 nginx
Control access based on ip address
We can also control access based on ip address, some of ban ip access. Examples are as follows:
events {
# worker_connections 1024; ## Default: 1024
}
http {
server {
listen 8767;
server_name 192.168.2.32;
location / {
deny 192.168.2.32;
root /Users/zhouyang/Documents/tencent/test/local-nginx;
}
location /haha {
valid_referers none blocked server_names
*.example.com example.* www.example.org/galleries/
~\.google\.;
if ($invalid_referer = '') {
return 401;
}
}
location /baidu {
proxy_pass http://www.baidu.com;
}
location /yaya {
return 302 /baidu;
}
}
}
Above we banned 192.168.2.32 access 192.168.2.32:8767, but because nginx matching mechanism, or can access other routes.
Load Balancing
We can also do load balancing, specific document here Module ngx_http_upstream_module .
I do not have in-depth study, to study in depth, then you can look at a document and find information.
Add https
Since I still apply for AWS EC2 , so wait to come back after you sign up to add.