nginx depth optimization - Hide the version number, log splitting, caching

Content Highlights:

Hide the version number
Web cache
Log split

Hide the version number

Two configuration methods:

Modify the configuration file method
Modify the source code law

First, modify the configuration file method:

[root @ localhost init.d] # curl -I http://192.168.13.140/ ## to view the information Nginx
HTTP / 1.1 200 the OK
Server: nginx / ## 1.12.2 version number is displayed
Date: Tue, 12 Nov 2019 14 : 23 is: 24 GMT
the Content-the Type: text / the htmlContent-the Length: 612
Last-Modified: Tue, 12 is-Nov 2019 13:46:35 GMT
Connection: Keep-Alive
the ETag: "5dcab7bb-264" the Accept-Ranges: bytes
[the root @localhost init.d] # vim /usr/local/nginx/conf/nginx.conf ## to modify the configuration file

http {## added at HTTP
        the include the mime.types;
        default_type file application / OCTET-Stream;
        server_tokens OFF; ## Close the version number

[root @ localhost init.d] # service nginx stop ## closed services
[root @ localhost init.d] # service nginx start ## open service
[root @ localhost init.d] # curl -I http://192.168.13.140/ ## View Nginx information
HTTP / 1.1 200 the OK
Server: nginx version number ## is hidden
Date: Tue, 12 Nov 2019 14:22 : GMT 00
Content-Type: text / HTML
Content-the Length: 612Last-Modified: Tue, 12 Nov 2019 13:46:35
GMTConnection: the Keep-Alive
the ETag: "5dcab7bb-264"
the Accept-Ranges: bytes

Use curl -I command detection, you can see the version number

Again using curl -I query

Second, the counterfeit version number (recompiling installation can operate the installation before compilation)

[root @ localhost ~] # cd /opt/nginx-1.12.1/src/core 
[root @ localhost Core] # vim nginx.h into the configuration file revision number you want to show 
[root @ localhost core] # cd ../../ 
[@ localhost Nginx the root-1.12.2] # ./configure \ recompilation 
> --prefix = / usr / local / Nginx \ 
> --user = Nginx \ 
> = Nginx --group \ 
> --with-http_stub_status_module

Restart nginx service, check the version information

[root@localhost nginx-1.12.2]# service nginx stop  ##关闭
[root@localhost nginx-1.12.2]# service nginx start  ##开启
[root@localhost nginx-1.12.2]# curl -I http://192.168.13.140/   ##查看Nginx信息
HTTP/1.1 200 OK
Server: nginx/1.1.1       ##此时的版本号就是伪造的版本号
Date: Tue, 12 Nov 2019 14:34:02
GMTContent-Type: text/htmlContent-Length: 612
Last-Modified: Tue, 12 Nov 2019 13:46:35
GMTConnection: keep-alive
ETag: "5dcab7bb-264"
Accept-Ranges: bytes

网页缓存时间

当Nginx将网页数据返回给客户端后，可设置缓存时间，以方便在日后进行相同内容的请求时直接返回，避免重复请求，加快了访问速度
一般针对静态网页设置，对动态网页不设置缓存时间
可在Windows客户端中使用fiddler查看网页缓存时间

配置方法：

可修改配置文件，在http段，或者server段，或者location段加入对特定内容的过期参数

1、将测试图片复制至nginx网页站点目录下

[root@localhost mnt]# cp test.jpg /usr/local/nginx/html/   ##复制图片到站点中
[root@localhost mnt]# cd /usr/local/nginx/html/    ##切换到站点下
[root@localhost html]# ls
test.jpg  50x.html  index.ht

2、修改网页信息，将测试图片添加到index.html文件中

[root@localhost html]# vim index.html ##修改网页信息

</head>
<body>
<h1>Welcome to nginx!</h1>
<img src="test.jpg"/> ##加入图片到网页中

3、修改配置文件信息，添加缓存时间

[root@localhost html]# vim /usr/local/nginx/conf/nginx.conf   ##修改配置文件events {
        worker_connections  1024;
}
        user nginx nginx;     ##修改Nginx用户和组

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~\.(gif|jepg|jpg|ico|bmp|png)$ {     ##支持图片格式
        root html;     ##站点
        expires 1d;   ##缓存一天
        }
[root@localhost html]# service nginx stop   ##关闭开启服务[root@localhost html]# service nginx start

4、访问网页，使用fiddler查看缓存

Nginx Optimization - hide the version number, the page cache, log splitting (a)

nginx的日志分割

随着Nginx运行时间增加，日志也会增加。为了方便掌握Nginx运行状态，需要时刻关注日志文件
太大的日志文件对监控是一个大灾难定期进行日志文件的切割
Nginx自身不具备日志分割处理的功能,但可以通过Nginx信号控制功能的脚本实现日志的自动切割，并通过Linux的计划任务周期性的进行日志切割

1、编写日志分割脚本文件

[root@localhost ~]# vim fenge.sh  ##编写脚本文件
#!/bin/bash
#Filename:fenge.sh
d=$(date -d "-1 day" "+%Y%m%d")        ##显示一天前的时间
logs_path="/var/log/nginx"                      ##分割日志的保存路径
pid_path="/usr/local/nginx/logs/nginx.pid"    ##pid的路径
[ -d $logs_path ] || mkdir -p $logs_path  ##没有目录则创建目录
mv /usr/local/nginx/logs/access.log ${logs_path}/test.com-access.log-$d
##原有日志文件生成到新路径下
kill -USR1 $(cat $pid_path)  ##结束重新生成新的pid文件
find $logs_path -mtime +30 | xargs rm -rf  ##删除30天前的日志文件

[root@localhost ~]# chmod +x fenge.sh ##给执行权限
[root@localhost ~]# ./fenge.sh ##执行脚本文件

2、查看日志分割情况

[root @ localhost ~] # cd / var / log / nginx / ## switches to the next directory Nginx log
[Nginx the root @ localhost] #-lstest.com the access.log-20,191,112
[the root @ localhost Nginx] -s # DATE 2019-11-14 ## modified date for tomorrow's time
November 14, 2019 CST Thursday 00:00:00
[root @ localhost nginx] # cd ~
[root @ localhost ~] # ./fenge.sh ## again execute scripts
[root @ localhost ~] # cd / var / log / nginx /
[root @ localhost nginx] # ## View log split LS log file
test.com-access.log-20191112 test.com-access.log -20191113

3, set up a recurring scheduled tasks, regular division

[root @ localhost nginx] # crontab -e ## periodically scheduled task
0 1 * * * /opt/fenge.sh

More nginx optimization state statistics, access control, etc., into my home page view

nginx depth optimization - Hide the version number, log splitting, caching

Guess you like