5.Nginx log configuration
Nginx has a very flexible logging mode. Each level configuration can have a separate access log. Log Format command definition format by log_format
1.log_format instruction
# 配置语法:包括:error.log access.log Syntax: log_format name [escape=default|json|none] string ...; Default: log_format combined "..."; Context: http # 默认Nginx定义的日志语法 log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"';
10.0.1.1 - - [07/Feb/2020:12:50:29 +0800] "GET /img/favicon.png HTTP/1.1" 401 581 "http://www.xiao.com/" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" "-"
# Nginx log format allows variable contains $ remote_addr # records the IP address of the client $ remote_user # record the client's user name $ body_bytes_sent # to a number of bytes of the client, not including the size of the head in response to the IP address of $ http_x_forwarded_for # record client $ http_user_agent # records information about the browser client $ http_referer # records over which page link from the access of $ bytes_sent # sent to the client's bytes $ connection # connecting serial number $ connection_requests # the current request number (issued by connecting 1.1 . 18 ) the time when the log writing $ msec # (in milliseconds), in milliseconds $ pipe # "p" (if the request has been passed) otherwise ,. "" the method of recording $ request # request and the request protocol $ request_length # request length (including the request line, header, and body of the request) $ request_time # claim milliseconds of processing time (in milliseconds); first byte is read from the client to the last byte of the log passes between the sending to the client after the write time $ status # responded state $ time_iso8601 # ISO 8601 standard format local time local time $ time_local # common log format
# Note: If Nginx is located in the load balancer, nginx reverse proxy after, web server can not obtain directly to the client's real IP address.
# $ Remote_addr get a reverse proxy IP address. Reverse proxy server in the http header information to forward the request.
# X-Forward-For increasing the information used to record the server address and the IP address of the client requesting the client.
2.access_log instruction
Syntax: access_log path [format [buffer=size] [gzip[=level]] [flush=time] [if=condition]]; access_log off; Default: access_log logs/access.log combined; Context: http, server, location, if in location, limit_except Example: server { ... access_log /var/log/nginx/www.oldboy.com.log main; ... }
$http_x_forwarded_for
6.Nginx virtual site
Environment: Implementing multiple sites on a single server hosting business: minicomputer unix workstation unix X86 server implementations on virtual hosts: IP-based different IP -based port *** same IP, different port -based domain *** ** same IP, same port, different domain name
Demand, the company needs three sites, namely, www, bbs, blog
Solution 1: IP-based virtual hosts
1 ) Create a directory mkdir -p / var / WWW / (WWW, BBS, Blog) 2 ) creates a corresponding profile Vim /etc/nginx/conf.d/ www.conf Server { the listen 172.16 . 1.7 : 80 ; server_name WWW .xiao.com; LOCATION / { the root / var / WWW / WWW; index index.html; } } Vim /etc/nginx/conf.d/ bbs.conf Server { the listen 172.16 . 1.8 : 80 ; server_name bbs.xiao. com; location / { root /var/www/bbs; index index.html; } } vim /etc/nginx/conf.d/blog.conf server { listen 172.16.1.9:80; server_name blog.xiao.com; location / { root /var/www/blog; index index.html; } }
Solution 2: based on port
vim /etc/nginx/conf.d/www.conf server { listen 80; server_name www.xiao.com; location / { root /var/www/www; index index.html; } } vim /etc/nginx/conf.d/bbs.conf server { listen 81; server_name bbs.xiao.com; location / { root /var/www/bbs; index index.html; } } vim /etc/nginx/conf.d/blog.conf server { the listen82 ; server_name blog.xiao.com; LOCATION / { the root / var / WWW / Blog; index index.html; } } . 3 ) grammar test, reload Nginx Nginx - T Nginx - S reload . 4 ) Write hosts resolved 10.0 . 1.7 bbs.xiao.com blog.xiao.com www.xiao.com [web01 the root @ ~] # mkdir -p / var / WWW / {WWW, BBS, Blog} [web01 the root @ ~] # echo WWW> / var / WWW / WWW / index.html [web01 the root @ ~] # echo BBS> / var / WWW / BBS / index.html [web01 the root @ ~] # echo Blog> / var / WWW / Blog / index.html verification result: in the verification process, plus 81 after use www.xiao.com 82 port numbers, can have access to bbs.xiao.com, blog.xiao.com home page, on the contrary, like
Solution 3: name-based
vim /etc/nginx/conf.d/www.conf server { listen 80; server_name www.xiao.com; location / { root /var/www/www; index index.html; } } vim /etc/nginx/conf.d/bbs.conf server { listen 80; server_name bbs.xiao.com; location / { root /var/www/bbs; index index.html; } } vim /etc/nginx/conf.d/blog.conf server { the listen 80 ; server_name blog.xiao.com; LOCATION / { the root / var / WWW / Blog; index index.html; } } . 3 ) grammar test, reload Nginx Nginx - T Nginx - S reload . 4 ) Write hosts resolved 10.0 . 1.7 www.xiao.com bbs.xiao.com blog.xiao.com 5 ) test HTTP: // www.xiao.com/ HTTP: // bbs.xiao.com/ HTTP: // blog.xiao.com/
Increased demand: the implementation of each separate site log
1 ) modify the configuration file / etc / Nginx / nginx.conf # access_log / var / log / Nginx / the access.log main; /etc/nginx/conf.d/ www.conf access_log / code / log / www.xiao.com main .log; /etc/nginx/conf.d/ bbs.conf access_log / code / log / bbs.xiao.com.log main; /etc/nginx/conf.d/ blog.conf access_log / code / log / Blog main .xiao.com.log; 2 ) creates the directory [web01 the root @ ~] # mkdir -p / code / log
7.Nginx Location
Use Nginx Location can control access to the site path
Priority matching rule matcher = exact match 1 ^ ~ characters beginning with a 2 - a case-sensitive match regular 3 ~ * regular case-insensitive matching 4 ! ~ Not case-sensitive match the regular 5 ! ~ * Not n distinguish the case does not match the 6 / generic matches, any requests are matched to 7
Location scenarios
# Generic matches, will be matched to any request LOCATION / { } # strict case-sensitive, the match ending in .php are taking this LOCATION LOCATION ~ \ .php $ { fastcgi_pass HTTP: // 127.0.0.1:9000; } # stringent case-sensitive, the match ending in .jsp are taking this LOCATION LOCATION ~ \ .jsp $ { proxy_pass HTTP: // 127.0.0.1:8080; } # case-insensitive match, as long as the user accesses .jpg, gif, png, js, css have to take this LOCATION LOCATION ~ * * \ (JPG | PNG | GIF | JS |.. CSS) {$ rewrite (. HTTP: *) // CDN: xiao.com $ requet_uri; } # insensitive write matches LOCATION ~ * ". \ (SQL | BAK | tgz | tar.gz | .git) $ " { default_type text / HTML; return 403 " Enable Access Control success " ; }