Nginx虛擬主機常用配置(學習筆記四)

sktj發表於2018-05-16
Nginx筆記

1、

upstream test_1633_pool {

server 10.160.51.75:8200 weight=10 max_fails=2 fail_timeout=600s;

server 10.168.246.204:8200 weight=10 max_fails=2 fail_timeout=600s backup;

}

upstream i_1633_pool {

ip_hash;

server 10.160.12.61:8001 weight=10 max_fails=2 fail_timeout=300s;

server 10.160.12.62:8001 weight=10 max_fails=2 fail_timeout=300s;

}

upstream tag_1633_pool {

server 10.160.51.75:8022 weight=10 max_fails=2 fail_timeout=30s;

server 10.168.246.204:8022 weight=10 max_fails=2 fail_timeout=600s down;

}

2、#stub_status開啟狀態檢視

server {

        listen 9001;

    location ~ /nginx_status {

    stub_status on;

    access_log off;

  allow 117.25.164.2;

      allow 117.25.172.106;

      allow 127.0.0.1;

    deny all;

    }

}

3、#負載均衡,重寫

server {

        listen  80;

        charset utf-8;

        server_name  xxxx.com;

access_log  /usr/local/wwwroot/xxx.log;

if ( $request_uri = “/” ) {

rewrite “/” /index/home/ break;

}

location  / {

                  proxy_set_header Host $host;

proxy_set_header x-real-IP $remote_addr;

        proxy_pass http://hr_1633_pool;

}

include drop_sql.conf;

}

4、#permanent重寫

location / {

                        rewrite ^/(.*)$ http://www.1633.com/jimei/ permanent;                   

proxy_set_header x-real-IP $remote_addr;

                        }

5、#圖片檔案快取7天

location ~ .*.(gif|jpg|jpeg|png|bmp|swf|js|apk)$

{

                        proxy_pass http://10.165.12.250:8002;

expires 7d;

}

6、#rewrite

rewrite ^/service/(.*) /$1 break;

7、#proxy_next_upstream 設定出現500錯誤後,跳轉到另外的伺服器

location / {

proxy_next_upstream http_500 http_502 http_503 http_504 error timeout invalid_header;

                  proxy_set_header Host $host;

                        rewrite ^/about.shtml  http://xxx/bbs/html/mobile/about.html  break;

                        proxy_pass http://10.160.12.63:8007;

proxy_set_header x-real-IP $remote_addr;

                if ($request_uri ~ ^/about.shtml) {

                        rewrite ^/about.shtml  /bbs/html/mobile/about.html  break;

                    proxy_pass http://bbs_xx_pool;

                          }

  }

8、#break後繼續執行

location / {

                  proxy_set_header Host $host;

                        rewrite ^/$  /web/login.do  break;

                        proxy_pass http://10.132.83.149:8088;

proxy_set_header x-real-IP $remote_addr;

                        }

9、#ssl配置,監聽443

server {

        listen  80;

        listen  443 ssl;

        listen [::]:80 ipv6only=on;

        charset utf-8;

        server_name  xxx;

        server_name  xxxxxx;

ssl_certificate  /usr/local/nginx/key/lsfwebos.pem;

ssl_certificate_key /usr/local/nginx/key/lsfwebos.key;

ssl_session_timeout 5m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_ciphers AESGCM:ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL;

ssl_prefer_server_ciphers on;

location / {

proxy_next_upstream http_500 http_502 http_503 http_504 error timeout invalid_header;

                  proxy_set_header Host $host;

                        proxy_pass http://xxxx_pool;

proxy_set_header x-real-IP $remote_addr;

                        }

include drop_sql.conf;

                  }

10、#query_string 判斷查詢字串

if ( $query_string ~ “fak=5649380bd13b4701c4099287” ){

         rewrite ^/review/  /review/?$query_string last;

    }

11、#valid_referers 只允許某些域名的請求

location /upload/ {

  valid_referers  blocked  certify.keyibao.com admin.keyibao.com *.hn51js.gov.cn *.haixia.gov.cn *.xmdxy.gov.cn *.1633.com *.sztat.gov.cn *.tky.gov.cn *.qh1633.com *.ztkj.gov.cn  *.lgttc.com  *.gctt.gov.cn *.xa1633.com *.hncd1633.com *.xmbio.gov.cn *.jjky.gov.cn *.k8008.com *.xctrm.com *.vtitt.com *.scsttc.com *.pszj.pxkc.com.cn *.zjk.jjkjw.gov.cn *.xmsme.gov.cn *.lnjssc.gov.cn *.xyskj.gov.cn *.hhkc.gov.cn *.fjcctt.cn *.dgiptts.com *.kjzbsc.com *.xmdxy.net.cn *.xmhc-bio.com *.fky.gov.cn *.lystis.cn *.ysqkjy.gov.cn *.gljkfhq.com *.226.34 *.226.34:8003;

  if ($invalid_referer) {

    return  404;

    break;

}

proxy_pass http://10.160.12.66:805;

}

12、#!~  ~

location !^/html/build.html$ {

rewrite (.*) /html/build.html permanent;

}

13、#host引數

location / {

#proxy_set_header Host $host;

        if ($host ~ ^policy.test.gov.cn) {

rewrite ^/(.*) /hn51js_G20.shtml break;

                    proxy_pass http://10.132.61.215:8005;

          }

                        proxy_pass http://10.160.12.65:809;

proxy_set_header x-real-IP $remote_addr;

        }

14、#host  防止爬蟲

if ($host = `xxxx.com`) {

rewrite ^(.*)$ http://www.xxxx.com$1 permanent;

}

location = /robots.txt {

    if ($http_user_agent !~* “spider|bot|Python-urllib|pycurl”) {

        return 403;

    }

}

15、#開啟目錄列表

#nginx開啟目錄列表

autoindex on;//自動顯示目錄

    autoindex_exact_size off;//人性化方式顯示檔案大小否則以byte顯示

    autoindex_localtime on;//按伺服器時間顯示,否則以gmt時間顯示


相關文章