做個lnmp環境下 nginx.conf的常見配置說明
vim /usr/local/nginx/conf/nginx.conf 使用如下配置
user nobody nobody; //nginx子進程的用戶 worker_processes 2; //nginx子進程個數 error_log /usr/local/nginx/logs/nginx_error.log debug; //錯誤日誌路徑及日誌級別 debug調試用內容最詳細 、一般用crit pid /usr/local/nginx/logs/nginx.pid; //nginx的進程pid worker_rlimit_nofile 51200; events { use epoll; worker_connections 6000; } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 3526; server_names_hash_max_size 4096; log_format main '$proxy_add_x_forwarded_for - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent"'; //日誌保存格式 sendfile on; tcp_nopush on; keepalive_timeout 30; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; connection_pool_size 256; client_header_buffer_size 1k; large_client_header_buffers 8 4k; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; client_max_body_size 10m; client_body_buffer_size 256k; client_body_temp_path /usr/local/nginx/client_body_temp; proxy_temp_path /usr/local/nginx/proxy_temp; fastcgi_temp_path /usr/local/nginx/fastcgi_temp; fastcgi_intercept_errors on; tcp_nodelay on; gzip on; gzip_min_length 1k; gzip_buffers 4 8k; gzip_comp_level 5; gzip_http_version 1.1; gzip_types text/plain application/x-javascript text/css text/htm application/xml; server { listen 80; server_name --//域名 index index.html index.htm index.php; root /usr/local/nginx/html; --//對應的目錄 location ~ \.php$ { include fastcgi_params; fastcgi_pass unix:/tmp/php-fcgi.sock; --//路徑可以是sock 也可以是IP:PORT格式 fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name; } --//這部分是PHP解析設置 } include /usr/local/nginx/conf/vhosts/*.conf; }
需要增加虛擬機的可以在/usr/local/nginx/conf/vhosts/目錄下添加
我用的是discuz論壇 配置如下
vim /usr/local/nginx/conf/vhosts/discuz.conf
添加如下內容:
server { listen 80; server_name www.discuz.com --//雙域名 discuz 和 bbc1 if ($host != 'www.discuz.com' ) { rewrite ^/(.*)$ http://www.discuz.com/$1 permanent; } --//域名跳轉指向www.discuz.com index index.html index.htm index.php; root /data/www; location ~ .*rc/w/ { auth_basic "Auth"; --//認證窗口名 可以隨意取 auth_basic_user_file /usr/local/nginx/conf/htpasswd; --//認證用戶名和密碼保存路徑 include fastcgi_params; --//如果無php解析這部分可以不要 fastcgi_pass unix:/tmp/php-fcgi.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name; } --//針對目錄做的一個認證 location ~ admin\.php$ { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; include fastcgi_params; fastcgi_pass unix:/tmp/php-fcgi.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name; } --//針對admin.php單獨做的一個認證 ,提高後臺安全性 location ~ \.php$ { include fastcgi_params; fastcgi_pass unix:/tmp/php-fcgi.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name; } --//php解析模塊 location ~ .*\.(jpg|gif|jpeg|png|js|css)$ { --//文件類型可以根據實際情況添加 expires 30d; --//設置緩存時間30天 access_log off; --//針對以上合適不設置日誌記錄 valid_referers none blocked server_names *.taobao.com *.baidu.com *.google.com *.google.cn *.soso.com *.apelearn.com; --//設置防盜鏈,只有這些網址可以使用本站鏈接 if ($invalid_referer) { return 403; # rewrite ^/ http://www.example.com/nophoto.gif; } --//不屬於以上網站的全部返回403 #allow 192.168.205.128; --//允許單個IP #allow 127.0.0.1 #allow 10.0.1.0/24; --//允許IP段 #deny all; --//這部分是對ip的限制 include deny.ip; --//也可以在conf目錄下創建一個deny.ip在裏面對ip進行限制 }
以上是基本的配置,其他的配置以後再說吧