目录索引模块 ngx_http_autoindex_module
1)语法
|
1 2 3 |
Syntax: autoindex on | off; Default: autoindex off; Context: http, server, location |
2)配置
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
[root@web02 /etc/nginx/conf.d]# vim mali.conf server { listen 80; server_name www.mali.com; location / { root /code/zhiwu; index index.html; } location /download { root /code; autoindex on; index index.html; } } |
3)常用优化参数
|
1 2 3 4 5 6 7 8 9 10 11 12 |
#显示文件字节大小 配置 on 显示字节 配置 off 显示方便读取的大小 K/M/G Syntax: autoindex_exact_size on | off; Default: autoindex_exact_size on; Context: http, server, location #显示时间,如果是off,时间与真实时间相差8小时,如果是on,是真实时间 Syntax: autoindex_localtime on | off; Default: autoindex_localtime off; Context: http, server, location #字符集问题 charset utf-8; |
4)完整配置
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
[root@web02 /etc/nginx/conf.d]# vim mali.conf server { listen 80; server_name www.mali.com; charset utf-8; location / { root /code/zhiwu; index index.html; } location /download { root /code; autoindex on; autoindex_exact_size off; autoindex_localtime on; index index.html; } } |
访问控制模块 ngx_http_access_module
1)语法
|
1 2 3 4 5 6 7 8 9 |
#允许访问的语法 Syntax: allow address | all; Default: — Context: http, server, location, limit_except #拒绝访问的语法 Syntax: deny address | all; Default: — Context: http, server, location, limit_except |
2)配置访问控制
案例一:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
#要求允许10.0.0.1可以访问我的/download页面,其他网站不允许 [root@web02 /etc/nginx/conf.d]# cat mali.conf server { listen 80; server_name www.mali.com; charset utf-8; access_log /var/log/nginx/www.mali.com.log json; location / { root /code/zhiwu; index index.html; } location /download { root /code; autoindex on; autoindex_exact_size off; autoindex_localtime on; index index.html; allow 10.0.0.1; deny all; } } |
案例二:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
#要求:10.0.0.1不能访问我的/download,其他网站都可以访问 [root@web02 /etc/nginx/conf.d]# cat mali.conf server { listen 80; server_name www.mali.com; charset utf-8; access_log /var/log/nginx/www.mali.com.log json; location / { root /code/zhiwu; index index.html; } location /download { root /code; autoindex on; autoindex_exact_size off; autoindex_localtime on; index index.html; deny 10.0.0.1; allow all; } } #all的配置不管是允许还是拒绝,都一定配置在最后 |
目录索引模块 ngx_http_autoindex_module
1)配置
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
[root@web02 /etc/nginx/conf.d]# vim test.conf server { listen 80; server_name www.test.com; location / { root /code; index index.html; } location /download { root /code; index index.html; autoindex on; } } |
2)优化参数
|
1 2 3 4 5 |
#显示文件大小,使用off autoindex_exact_size off; #显示确切文件修改时间 autoindex_localtime on; |
访问限制模块 ngx_http_access_module
1)语法
|
1 2 3 4 5 6 7 8 9 |
#开启认证控制,没有任何作用就是为了开启 Syntax: auth_basic string | off; Default: auth_basic off; Context: http, server, location, limit_except #指定用户认证的文件 Syntax: auth_basic_user_file file; Default: — Context: http, server, location, limit_except |
2)配置密码文件
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
#生成密码文件 [root@web02 /etc/nginx/conf.d]# htpasswd -c /etc/nginx/auth_basic lhd New password: Re-type new password: Adding password for user lhd #生成密码,在命令行输入密码 [root@web02 /etc/nginx/conf.d]# htpasswd -b -c /etc/nginx/auth_basic lhd linux Adding password for user lhd #查看 [root@web02 /etc/nginx/conf.d]# vim /etc/nginx/auth_basic lhd:$apr1$JmblF9to$jDnvQn1w7oETPYyvaL2OG. |
3)配置nginx
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
[root@web02 /etc/nginx/conf.d]# cat test.conf server { listen 80; server_name www.test.com; location / { root /code; index index.html; } location /download { root /code; index index.html; autoindex on; autoindex_exact_size off; autoindex_localtime on; allow 10.0.0.1; deny all; auth_basic "输入用户名和密码"; auth_basic_user_file /etc/nginx/auth_basic; } } |
4)添加多用户
|
1 2 3 4 5 6 7 8 9 |
#不添加-c参数可以添加多个用户 [root@web02 /etc/nginx/conf.d]# htpasswd /etc/nginx/auth_basic lhd New password: Re-type new password: Adding password for user lhd [root@web02 /etc/nginx/conf.d]# vim /etc/nginx/auth_basic qiudao:$apr1$UL89inf6$.59e04v5ILGHpkMs2xZzF. lhd:$apr1$9fOQ/hLl$DEugqKzv.0SNBziFMLdVZ1 |
nginx状态模块
1)语法
|
1 2 3 |
Syntax: stub_status; Default: — Context: server, location |
2)配置
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
[root@web02 /etc/nginx/conf.d]# cat test.conf server { listen 80; server_name www.test.com; location / { root /code; index index.html; } location /download { root /code; index index.html; autoindex on; autoindex_exact_size off; autoindex_localtime on; allow 10.0.0.1; deny all; auth_basic "输入用户名和密码"; auth_basic_user_file /etc/nginx/auth_basic; } location /status { stub_status; } } |
3)状态页
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
#访问 http://www.test.com/status #返回内容 Active connections: 2 server accepts handled requests 2 2 1 Reading: 0 Writing: 1 Waiting: 1 #nginx七种状态 Active connections #活跃的连接数 accepts #接受的TCP连接数 handled #已处理的TCP连接数 requests #请求数 Reading #读取的请求头的数量 Writing #响应的请求头的数量 Waiting #等待的请求数量 #可以用作监控日PV [root@web02 /etc/nginx/conf.d]# curl -s www.test.com/status| awk 'NR==3{print $3}' |
连接限制模块 ngx_http_limit_conn_module
1)语法
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
#设置限制的空间 Syntax: limit_conn_zone key zone=name:size; Default: — Context: http limit_conn_zone #调用限制模块 key #存储的内容 zone= #空间 name: #空间的名字 size; #空间的大小 #调用空间 Syntax: limit_conn zone number; Default: — Context: http, server, location limit_conn #调用空间 zone #空间名字 number; #同一个信息可以保存的次数 |
2)配置
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
[root@web02 /etc/nginx/conf.d]# cat test.conf limit_conn_zone $remote_addr zone=conn_zone:1m; server { listen 80; server_name www.test.com; limit_conn conn_zone 1; location / { root /code; index index.html; } location /download { root /code; index index.html; autoindex on; autoindex_exact_size off; autoindex_localtime on; allow 10.0.0.1; deny all; auth_basic "输入用户名和密码"; auth_basic_user_file /etc/nginx/auth_basic; } location /status { stub_status; } } |
请求限制模块
1)语法
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
#设置请求限制的空间 Syntax: limit_req_zone key zone=name:size rate=rate [sync]; Default: — Context: http limit_req_zone #调用模块 key #空间存储的内容 zone= #指定空间 name: #空间的名字 size #空间的大小 rate=rate; #读写速率 #调用空间 Syntax: limit_req zone=name [burst=number] [nodelay | delay=number]; Default: — Context: http, server, location limit_req #调用空间 zone=name #指定空间名字 [burst=number] #扩展 [nodelay | delay=number]; #延时 |
2)配置
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
[root@web02 /etc/nginx/conf.d]# cat test.conf limit_conn_zone $remote_addr zone=conn_zone:1m; limit_req_zone $remote_addr zone=req_zone:1m rate=1r/s; server { listen 80; server_name www.test.com; limit_conn conn_zone 1; limit_req zone=req_zone; location / { root /code; index index.html; } location /download { root /code; index index.html; autoindex on; autoindex_exact_size off; autoindex_localtime on; allow 10.0.0.1; deny all; auth_basic "输入用户名和密码"; auth_basic_user_file /etc/nginx/auth_basic; } location /status { stub_status; } } |
3)测试请求限制
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 |
[root@web02 /etc/nginx/conf.d]# ab -n 200 -c 2 http://www.test.com/ This is ApacheBench, Version 2.3 <$Revision: 1430300 $> Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ Licensed to The Apache Software Foundation, http://www.apache.org/ Benchmarking www.test.com (be patient) Completed 100 requests Completed 200 requests Finished 200 requests Server Software: nginx/1.18.0 Server Hostname: www.test.com Server Port: 80 Document Path: / Document Length: 13 bytes Concurrency Level: 2 Time taken for tests: 0.036 seconds Complete requests: 200 Failed requests: 199 (Connect: 0, Receive: 0, Length: 199, Exceptions: 0) Write errors: 0 Non-2xx responses: 199 Total transferred: 73674 bytes HTML transferred: 39216 bytes Requests per second: 5492.24 [#/sec] (mean) Time per request: 0.364 [ms] (mean) Time per request: 0.182 [ms] (mean, across all concurrent requests) Transfer rate: 1975.76 [Kbytes/sec] received Connection Times (ms) min mean[+/-sd] median max Connect: 0 0 0.8 0 12 Processing: 0 0 0.6 0 4 Waiting: 0 0 0.5 0 4 Total: 0 0 1.0 0 12 Percentage of the requests served within a certain time (ms) 50% 0 66% 0 75% 0 80% 0 90% 0 95% 0 98% 4 99% 4 100% 12 (longest request) [root@web02 /etc/nginx/conf.d]# |