NGINX common module (II)

5.Nginx log configuration

Nginx has a very flexible logging mode. Each level configuration can have a separate access log. Log Format command definition format by log_format

1.log_format instruction

# 配置语法：包括：error.log access.log
Syntax:    log_format name [escape=default|json|none] string ...;
Default:    
log_format combined "...";
Context:    http

# 默认Nginx定义的日志语法
log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                  '$status $body_bytes_sent "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for"';

10.0.1.1 - - [07/Feb/2020:12:50:29 +0800] "GET /img/favicon.png HTTP/1.1" 401 581 "http://www.xiao.com/" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" "-"

# Nginx log format allows variable contains 
$ remote_addr # records the IP address of the client 
$ remote_user # record the client's user name 
$ body_bytes_sent # to a number of bytes of the client, not including the size of the head in response to the 
IP address of $ http_x_forwarded_for # record client 
$ http_user_agent # records information about the browser client     
$ http_referer # records over which page link from the access of 
$ bytes_sent # sent to the client's bytes 
$ connection # connecting serial number 
$ connection_requests # the current request number (issued by connecting 1.1 . 18 ) 
the time when the log writing $ msec # (in milliseconds), in milliseconds 
$ pipe # "p" (if the request has been passed) otherwise ,. "" 
the method of recording $ request # request and the request protocol 
$ request_length # request length (including the request line, header, and body of the request)
$ request_time # claim milliseconds of processing time (in milliseconds); first byte is read from the client to the last byte of the log passes between the sending to the client after the write time
$ status # responded state 
$ time_iso8601 # ISO 8601 standard format local time 
local time $ time_local # common log format

# Note: If Nginx is located in the load balancer, nginx reverse proxy after, web server can not obtain directly to the client's real IP address.
# $ Remote_addr get a reverse proxy IP address. Reverse proxy server in the http header information to forward the request.
# X-Forward-For increasing the information used to record the server address and the IP address of the client requesting the client.

2.access_log instruction

Syntax:    access_log path [format [buffer=size] [gzip[=level]] [flush=time] [if=condition]];
access_log off;
Default:    
access_log logs/access.log combined;
Context:    http, server, location, if in location, limit_except

Example:
server {
    ...
    access_log /var/log/nginx/www.oldboy.com.log main;
    ...
}

 $http_x_forwarded_for

 

6.Nginx virtual site

Environment: Implementing multiple sites on a single server 
hosting business: 
    minicomputer 
        unix 
    workstation 
        unix 
    X86 server 

implementations on virtual hosts: 
IP-based      
    different IP 
-based port *** 
    same IP, different port 
-based domain *** ** 
    same IP, same port, different domain name

Demand, the company needs three sites, namely, www, bbs, blog

Solution 1: IP-based virtual hosts

1 ) Create a directory
 mkdir -p / var / WWW / (WWW, BBS, Blog) 

2 ) creates a corresponding profile 
Vim /etc/nginx/conf.d/ www.conf 
Server { 
    the listen 172.16 . 1.7 : 80 ; 
    server_name WWW .xiao.com; 
    
    LOCATION / { 
        the root / var / WWW / WWW; 
        index index.html; 
    } 
} 

Vim /etc/nginx/conf.d/ bbs.conf 
Server { 
    the listen 172.16 . 1.8 : 80 ; 
    server_name bbs.xiao. com;
    
    location / {
        root /var/www/bbs;
        index index.html;
    }
}

vim /etc/nginx/conf.d/blog.conf
server {
    listen 172.16.1.9:80;
    server_name blog.xiao.com;
    
    location / {
        root /var/www/blog;
        index index.html;
    }
}

Solution 2: based on port

vim /etc/nginx/conf.d/www.conf
server {
    listen 80;
    server_name www.xiao.com;
    
    location / {
        root /var/www/www;
        index index.html;
    }
}

vim /etc/nginx/conf.d/bbs.conf
server {
    listen 81;
    server_name bbs.xiao.com;
    
    location / {
        root /var/www/bbs;
        index index.html;
    }
}

vim /etc/nginx/conf.d/blog.conf
server {
    the listen82 ; 
    server_name blog.xiao.com; 
    
    LOCATION / { 
        the root / var / WWW / Blog; 
        index index.html; 
    } 
} 

. 3 ) grammar test, reload Nginx 
Nginx - T 
Nginx - S reload 

. 4 ) Write hosts resolved
 10.0 . 1.7 bbs.xiao.com blog.xiao.com www.xiao.com 

[web01 the root @ ~] # mkdir -p / var / WWW / {WWW, BBS, Blog} 
[web01 the root @ ~] # echo WWW> / var / WWW / WWW / index.html 
[web01 the root @ ~] # echo BBS> / var / WWW / BBS / index.html 
[web01 the root @ ~] # echo Blog> / var / WWW / Blog / index.html 
verification result: 
in the verification process, plus 81 after use www.xiao.com 82 port numbers, can have access to bbs.xiao.com, blog.xiao.com home page, on the contrary, like

Solution 3: name-based

vim /etc/nginx/conf.d/www.conf
server {
    listen 80;
    server_name www.xiao.com;
    
    location / {
        root /var/www/www;
        index index.html;
    }
}

vim /etc/nginx/conf.d/bbs.conf
server {
    listen 80;
    server_name bbs.xiao.com;
    
    location / {
        root /var/www/bbs;
        index index.html;
    }
}

vim /etc/nginx/conf.d/blog.conf
server {
    the listen 80 ; 
    server_name blog.xiao.com; 
    
    LOCATION / { 
        the root / var / WWW / Blog; 
        index index.html; 
    } 
} 

. 3 ) grammar test, reload Nginx 
Nginx - T 
Nginx - S reload 

. 4 ) Write hosts resolved
 10.0 . 1.7 www.xiao.com bbs.xiao.com blog.xiao.com 

5 ) test 
HTTP: // www.xiao.com/ 
HTTP: // bbs.xiao.com/ 
HTTP: // blog.xiao.com/

Increased demand: the implementation of each separate site log

1 ) modify the configuration file
 / etc / Nginx / nginx.conf 
# access_log   / var / log / Nginx / the access.log main;

 /etc/nginx/conf.d/ www.conf 
    access_log / code / log / www.xiao.com main .log;
 /etc/nginx/conf.d/ bbs.conf 
    access_log / code / log / bbs.xiao.com.log main;
 /etc/nginx/conf.d/ blog.conf 
    access_log / code / log / Blog main .xiao.com.log;     
    
2 ) creates the directory 
[web01 the root @ ~] # mkdir -p / code / log

 

7.Nginx Location

Use Nginx Location can control access to the site path

Priority matching rule matcher
 = exact match                         1 
^ ~ characters beginning with a                    2 
- a case-sensitive match regular               3 
~ * regular case-insensitive matching             4 
! ~ Not case-sensitive match the regular             5 
! ~ * Not n distinguish the case does not match the            6 
/ generic matches, any requests are matched to         7

Location scenarios

# Generic matches, will be matched to any request 
LOCATION / { 

} 

# strict case-sensitive, the match ending in .php are taking this LOCATION 
LOCATION ~ \ .php $ { 
    fastcgi_pass HTTP: // 127.0.0.1:9000; 
} 

# stringent case-sensitive, the match ending in .jsp are taking this LOCATION 
LOCATION ~ \ .jsp $ { 
    proxy_pass HTTP: // 127.0.0.1:8080; 
} 

# case-insensitive match, as long as the user accesses .jpg, gif, png, js, css have to take this LOCATION 
LOCATION ~ * * \ (JPG | PNG | GIF | JS |.. CSS) {$ 
    rewrite (. HTTP: *) // CDN: xiao.com $ requet_uri; 
} 

# insensitive write matches 
LOCATION ~ * ". \ (SQL | BAK | tgz | tar.gz | .git) $ " { 
    default_type text / HTML; 
    return 403  " Enable Access Control success " ; 
}