做个lnmp环境下 nginx.conf的常见配置说明
vim /usr/local/nginx/conf/nginx.conf 使用如下配置
user nobody nobody; //nginx子进程的用户 worker_processes 2; //nginx子进程个数 error_log /usr/local/nginx/logs/nginx_error.log debug; //错误日志路径及日志级别 debug调试用内容最详细 、一般用crit pid /usr/local/nginx/logs/nginx.pid; //nginx的进程pid worker_rlimit_nofile 51200; events { use epoll; worker_connections 6000; } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 3526; server_names_hash_max_size 4096; log_format main ‘$proxy_add_x_forwarded_for - $remote_user [$time_local] ‘ ‘"$request" $status $body_bytes_sent ‘ ‘"$http_referer" "$http_user_agent"‘; //日志保存格式 sendfile on; tcp_nopush on; keepalive_timeout 30; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; connection_pool_size 256; client_header_buffer_size 1k; large_client_header_buffers 8 4k; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; client_max_body_size 10m; client_body_buffer_size 256k; client_body_temp_path /usr/local/nginx/client_body_temp; proxy_temp_path /usr/local/nginx/proxy_temp; fastcgi_temp_path /usr/local/nginx/fastcgi_temp; fastcgi_intercept_errors on; tcp_nodelay on; gzip on; gzip_min_length 1k; gzip_buffers 4 8k; gzip_comp_level 5; gzip_http_version 1.1; gzip_types text/plain application/x-javascript text/css text/htm application/xml; server { listen 80; server_name --//域名 index index.html index.htm index.php; root /usr/local/nginx/html; --//对应的目录 location ~ \.php$ { include fastcgi_params; fastcgi_pass unix:/tmp/php-fcgi.sock; --//路径可以是sock 也可以是IP:PORT格式 fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name; } --//这部分是PHP解析设置 } include /usr/local/nginx/conf/vhosts/*.conf; }
需要增加虚拟机的可以在/usr/local/nginx/conf/vhosts/目录下添加
我用的是discuz论坛 配置如下
vim /usr/local/nginx/conf/vhosts/discuz.conf
添加如下内容:
server { listen 80; server_name www.discuz.com --//双域名 discuz 和 bbc1 if ($host != ‘www.discuz.com‘ ) { rewrite ^/(.*)$ http://www.discuz.com/$1 permanent; } --//域名跳转指向www.discuz.com index index.html index.htm index.php; root /data/www; location ~ .*rc/w/ { auth_basic "Auth"; --//认证窗口名 可以随意取 auth_basic_user_file /usr/local/nginx/conf/htpasswd; --//认证用户名和密码保存路径 include fastcgi_params; --//如果无php解析这部分可以不要 fastcgi_pass unix:/tmp/php-fcgi.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name; } --//针对目录做的一个认证 location ~ admin\.php$ { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; include fastcgi_params; fastcgi_pass unix:/tmp/php-fcgi.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name; } --//针对admin.php单独做的一个认证 ,提高后台安全性 location ~ \.php$ { include fastcgi_params; fastcgi_pass unix:/tmp/php-fcgi.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name; } --//php解析模块 location ~ .*\.(jpg|gif|jpeg|png|js|css)$ { --//文件类型可以根据实际情况添加 expires 30d; --//设置缓存时间30天 access_log off; --//针对以上合适不设置日志记录 valid_referers none blocked server_names *.taobao.com *.baidu.com *.google.com *.google.cn *.soso.com *.apelearn.com; --//设置防盗链,只有这些网址可以使用本站链接 if ($invalid_referer) { return 403; # rewrite ^/ http://www.example.com/nophoto.gif; } --//不属于以上网站的全部返回403 #allow 192.168.205.128; --//允许单个IP #allow 127.0.0.1 #allow 10.0.1.0/24; --//允许IP段 #deny all; --//这部分是对ip的限制 include deny.ip; --//也可以在conf目录下创建一个deny.ip在里面对ip进行限制 }
以上是基本的配置,其他的配置以后再说吧
时间: 2024-10-29 19:08:55