Configure multiple domain names for one site
1 | server { |
server_name can be followed by multiple domain names, and multiple domain names are separated by spaces
Configure multiple sites for one service
1 | server { |
Based on Nginx virtual host configuration, Nginx has three types of virtual hosts
IP-based virtual host: You need to have multiple addresses on your server. Each site corresponds to different addresses. This method is rarely used
Port-based virtual host: Each site corresponds to a different port. When accessing, use ip: port to access. You can modify the port of listen to use
Domain name based virtual host: The most widely used way is to use domain name based virtual host in the above example. The precondition is that you have multiple domain names corresponding to each site, server_ name Fill in different domain names
Nginx adds account password verification
1 | server { |
Many services are accessed through nginx, but they do not provide account authentication function. They can be implemented through the authbase account password authentication provided by nginx. The following script can be used to generate the account password
1 | # cat pwd.pl |
usage method:
1 | # perl pwd.pl ops-coffee.cn |
Nginx Open Column Directory
When you want nginx to exist as a file download server, you need to open the nginx column directory
1 | server { |
autoindex_ exact_ size: display the exact size of the file when it is on (default), in bytes; Change to off to display the approximate size of the file, in KB or MB or GB
autoindex_ localtime: When it is off (default), the file time displayed is GMT time; After changing to on, the displayed file time is the server time
By default, when accessing the listed txt and other files, the file content will be displayed on the browser. If you let the browser download directly first, add the following configuration
1 | if ($request_filename ~* ^.*?\.(txt|pdf|jpg|png)$) { |
Configure default site
1 | server { |
When multiple virtual hosts are created on a nginx service, they will be searched from top to bottom by default. If the virtual host cannot be matched, the content of the first virtual host will be returned. If you want to specify a default site, you can put the virtual host of this site in the location of the first virtual host in the configuration file, or configure the listen default on the virtual host of this site
IP access is not allowed
1 | server { |
There may be some unregistered domain names or domain names you don’t want to point the server address to your server, which will have a certain impact on your site. You need to prohibit access to IP or unconfigured domain names. We use the default rule mentioned above to transfer the default traffic to 404
The above method is rough. Of course, you can also configure all unconfigured addresses to be redirected to your website directly by 301, which can also bring some traffic to your website
1 | server { |
Directly return the verification file
1 | location = /XDFyle6tNA.txt { |
Many times, WeChat and other programs require us to put a txt file into the project to verify the project ownership. We can modify nginx directly through the above method without actually putting the file on the server
Nginx configures upstream reverse proxy
1 | http { |
You may fall into a proxy if you don’t pay attention_ Pass is the trap of adding bars without adding bars. Let’s talk about proxy in detail_ pass http://tomcats And proxy_ pass http://tomcats/ Difference:
Although it is only a/difference, the results are quite different. There are two situations:
- The target address does not contain uri (proxy_pass http://tomcats ). At this time, the matching uri in the new target url will not be modified. It is what it is.
1
2
3
4
5
6location /ops-coffee/ {
proxy_pass http://192.168.106.135:8181;
}
http://domain/ops-coffee/ --> http://192.168.106.135:8181/ops-coffee/
http://domain/ops-coffee/action/abc --> http://192.168.106.135:8181/ops-coffee/action/abc - The target address contains uri (proxy_pass http://tomcats/ ,/is also a uri). At this time, the matching uri part in the new target url will be modified to the uri in this parameter.
1
2
3
4
5
6location /ops-coffee/ {
proxy_pass http://192.168.106.135:8181/;
}
http://domain/ops-coffee/ --> http://192.168.106.135:8181
http://domain/ops-coffee/action/abc --> http://192.168.106.135:8181/action/abc
Nginx upstream enable keepalive
1 | upstream tomcat { |
Nginx will be used as a reverse proxy in most cases in the project, such as nginx followed by tomcat, nginx followed by php, etc. At this time, we can enable keepalive between nginx and back-end services to reduce the resource consumption caused by frequent creation of TCP connections. The configuration is as follows
Keepalive: specifies that the maximum number of connections that each nginx worker can maintain is 1024, which is not set by default, that is, keepalive does not take effect when nginx is used as a client
proxy_ http_ version 1.1: Enabling keepalive requires the HTTP protocol version to be HTTP 1.1
proxy_ set_ header Connection “”: In order to be compatible with the old protocol and prevent keepalive failure caused by the connection close in the http header, it is necessary to clear the connection in the HTTP header in time
404 Automatically jump to the home page
1 | server { |
The 404 page on the website is not particularly friendly. We can automatically jump to the home page after the 404 page appears through the above configuration