做個lnmp環境下 nginx.conf的常見配置說明
vim /usr/local/nginx/conf/nginx.conf 使用如下配置
user nobody nobody; //nginx子進程的用戶
worker_processes 2; //nginx子進程個數
error_log /usr/local/nginx/logs/nginx_error.log debug; //錯誤日誌路徑及日誌級別 debug調試用內容最詳細 、一般用crit
pid /usr/local/nginx/logs/nginx.pid; //nginx的進程pid
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format main '$proxy_add_x_forwarded_for - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"'; //日誌保存格式
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm application/xml;
server
{
listen 80;
server_name --//域名
index index.html index.htm index.php;
root /usr/local/nginx/html; --//對應的目錄
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock; --//路徑可以是sock 也可以是IP:PORT格式
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
} --//這部分是PHP解析設置
}
include /usr/local/nginx/conf/vhosts/*.conf;
}需要增加虛擬機的可以在/usr/local/nginx/conf/vhosts/目錄下添加
我用的是discuz論壇 配置如下
vim /usr/local/nginx/conf/vhosts/discuz.conf
添加如下內容:
server
{
listen 80;
server_name www.discuz.com --//雙域名 discuz 和 bbc1
if ($host != 'www.discuz.com' ) {
rewrite ^/(.*)$ http://www.discuz.com/$1 permanent;
} --//域名跳轉指向www.discuz.com
index index.html index.htm index.php;
root /data/www;
location ~ .*rc/w/ {
auth_basic "Auth"; --//認證窗口名 可以隨意取
auth_basic_user_file /usr/local/nginx/conf/htpasswd; --//認證用戶名和密碼保存路徑
include fastcgi_params; --//如果無php解析這部分可以不要
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name;
} --//針對目錄做的一個認證
location ~ admin\.php$ {
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name;
} --//針對admin.php單獨做的一個認證 ,提高後臺安全性
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name;
} --//php解析模塊
location ~ .*\.(jpg|gif|jpeg|png|js|css)$ { --//文件類型可以根據實際情況添加
expires 30d; --//設置緩存時間30天
access_log off; --//針對以上合適不設置日誌記錄
valid_referers none blocked server_names *.taobao.com *.baidu.com *.google.com *.google.cn *.soso.com *.apelearn.com; --//設置防盜鏈,只有這些網址可以使用本站鏈接
if ($invalid_referer) {
return 403;
# rewrite ^/ http://www.example.com/nophoto.gif;
} --//不屬於以上網站的全部返回403
#allow 192.168.205.128; --//允許單個IP #allow 127.0.0.1
#allow 10.0.1.0/24; --//允許IP段
#deny all; --//這部分是對ip的限制
include deny.ip; --//也可以在conf目錄下創建一個deny.ip在裏面對ip進行限制
}以上是基本的配置,其他的配置以後再說吧