- 安装:
yum -y install nginx
# 默认目录是:/usr/share/nginx/html
- 支持目录索引:
- 支持php: a. 安装php-fpm:
yum -y install php-fpm
b. 修改php-fpm的配置文件:
c. 启动php-fpm服务:
systemctl start php-fpm
d. 修改nginx配置文件:
4. 开启pathinfo:
5. 解决跨域:
6. rewrite功能:
7. 配置虚拟主机:
8. 防盗链:
9. 动静分离:
location ~* ^.+.(js|css|htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$ {
# 静态站点
}
location ~* ^.+.(?![js|css|htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma])$ {
# 动态站点
}
- 代理websocket:
proxy_pass http://worker;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
- 使支持react-router:
try_files $uri /index.html;
12. 使用gzip压缩:
gzip on;
gzip_min_length 1k;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png font/ttf font/otf image/svg+xml;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
location ~* ^.+\.(ico|gif|jpg|jpeg|png)$ {
access_log off;
expires 1h;
}
location ~* ^.+\.(css|js|txt|xml|swf|wav)$ {
access_log off;
expires 1h;
}
location ~* ^.+\.(html|htm)$ {
expires 1h;
}
location ~* ^.+\.(eot|ttf|otf|woff|svg)$ {
access_log off;
expires max;
}
- 白名单设置:
allow 192.168.8.0/24;
deny all;
- 限制上传文件大小:
client_max_body_size 8M;
client_body_buffer_size 128k;
- 防止跨站:
fastcgi_param PHP_VALUE "open_basedir=$document_root";
- 配置文件参考:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
gzip on;
gzip_min_length 1k;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png font/ttf font/otf image/svg+xml;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
client_max_body_size 8M;
client_body_buffer_size 128k;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
allow 192.168.8.0/24;
deny all;
upstream api {
server 96.45.177.108:80;
server 96.45.184.247:80;
}
upstream worker {
server 96.45.177.108:2345;
server 96.45.184.247:2345;
}
server {
listen 80;
listen [::]:80;
server_name www.dollarphp.com;
root /usr/share/nginx/html/www;
include /etc/nginx/default.d/*.conf;
location / {
index index.html index.htm;
autoindex on;
autoindex_localtime on;
try_files $uri /index.html;
}
location ~* ^.+\.(ico|gif|jpg|jpeg|png)$ {
access_log off;
expires 1h;
}
location ~* ^.+\.(css|js|txt|xml|swf|wav)$ {
access_log off;
expires 1h;
}
location ~* ^.+\.(html|htm)$ {
expires 1h;
}
location ~* ^.+\.(eot|ttf|otf|woff|svg)$ {
access_log off;
expires max;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
server {
listen 80;
listen [::]:80;
server_name api.dollarphp.com;
include /etc/nginx/default.d/*.conf;
location / {
proxy_pass http://api;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
listen [::]:80;
server_name worker.dollarphp.com;
include /etc/nginx/default.d/*.conf;
location / {
proxy_pass http://worker;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
}
}
}
