2018-3-13 12周2次课 Nginx安装默认虚拟主机用户认证域名重定向
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了2018-3-13 12周2次课 Nginx安装默认虚拟主机用户认证域名重定向相关的知识,希望对你有一定的参考价值。
12.6 nginx安装
[[email protected] ~]# cd /usr/local/src/ [[email protected] src]# wget http://nginx.org/download/nginx-1.12.2.tar.gz (过程省略) [[email protected] src]# tar zxvf nginx-1.12.2.tar.gz [[email protected] src]# cd nginx-1.12.2/ [[email protected] nginx-1.12.2]# ls auto CHANGES CHANGES.ru conf configure contrib html LICENSE man README src [[email protected] nginx-1.12.2]# ./configure --prefix=/usr/local/nginx ##编译nginx (过程省略) [[email protected] nginx-1.12.2]# make && make install (过程省略) [[email protected] nginx-1.12.2]# ls /usr/local/nginx/ conf html logs sbin [[email protected] nginx-1.12.2]# ls /usr/local/nginx/conf/ fastcgi.conf fastcgi_params.default mime.types nginx.conf.default uwsgi_params fastcgi.conf.default koi-utf mime.types.default scgi_params uwsgi_params.default fastcgi_params koi-win nginx.conf scgi_params.default win-utf [[email protected] nginx-1.12.2]# ls /usr/local/nginx/html/ 50x.html index.html [[email protected] nginx-1.12.2]# ls /usr/local/nginx/logs/ [[email protected] nginx-1.12.2]# ls /usr/local/nginx/sbin/ nginx [[email protected] nginx-1.12.2]# /usr/local/nginx/sbin/nginx -t ##支持检查配置文件 nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful [[email protected] nginx-1.12.2]# vim /etc/init.d/nginx
[[email protected] nginx-1.12.2]# chmod 755 !$ chmod 755 /etc/init.d/nginx [[email protected] nginx-1.12.2]# chkconfig --add nginx [[email protected] nginx-1.12.2]# chkconfig nginx on [[email protected] nginx-1.12.2]# chkconfig 注:该输出结果只显示 SysV 服务,并不包含 原生 systemd 服务。SysV 配置数据 可能被原生 systemd 配置覆盖。 要列出 systemd 服务,请执行 'systemctl list-unit-files'。 查看在具体 target 启用的服务请执行 'systemctl list-dependencies [target]'。 mysqld 0:关1:关2:开3:开4:开5:开6:关 netconsole 0:关1:关2:关3:关4:关5:关6:关 network 0:关1:关2:开3:开4:开5:开6:关 nginx 0:关1:关2:开3:开4:开5:开6:关 php-fpm 0:关1:关2:开3:开4:开5:开6:关 [[email protected] nginx-1.12.2]# cd /usr/local/nginx/conf/ [[email protected] conf]# ls fastcgi.conf fastcgi_params.default mime.types nginx.conf.default uwsgi_params fastcgi.conf.default koi-utf mime.types.default scgi_params uwsgi_params.default fastcgi_params koi-win nginx.conf scgi_params.default win-utf [[email protected] conf]# mv nginx.conf nginx.conf.bak [[email protected] conf]# vim nginx.conf ##编辑配置文件
user 定义上传等操作完成的用户
worker_processes 定义子进程的数量
error_log 错误日志
pid pid号
worker_rlimit_nofile 指定nginx最多打开多少文件
use epoll 使用epoll模式
worker_connections 进程最大的连接数
fastcgi_pass 如果监听端口是9000,可以写为127.0.0.1:9000这是两种不同方式
[[email protected] conf]# /usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful [[email protected] conf]# /etc/init.d/nginx start Starting nginx (via systemctl): [ 确定 ] [[email protected] conf]# ps aux |grep nginx root 9634 0.0 0.0 20496 628 ? Ss 21:26 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf nobody 9635 0.0 0.3 22940 3212 ? S 21:26 0:00 nginx: worker process nobody 9636 0.1 0.3 22940 3212 ? S 21:26 0:00 nginx: worker process root 9638 0.0 0.0 112676 980 pts/0 S+ 21:26 0:00 grep --color=auto nginx
(上方有两个子进程 worker process,由配置文件中的worker_processes定义的)
[[email protected] conf]# curl localhost
(上方欢迎语由/usr/local/nginx/html/index.html,而为什么能访问到index.html由nginx.conf定义)
[[email protected] conf]# cd /usr/local/nginx/html/ [[email protected] html]# vim 1.php
[[email protected] html]# curl localhost/1.php This is nginx test page.[[email protected] html]#
12.7 默认虚拟主机
[[email protected] conf]# vim nginx.conf
删除以上内容,增加一行 include vhost/*.conf
[[email protected] conf]# mkdir vhost [[email protected] conf]# cd vhost/ [[email protected] vhost]# vim aaa.com.conf
(由default_server就证明这是默认虚拟主机)
[[email protected] vhost]# mkdir -p /data/wwwroot/default [[email protected] vhost]# cd !$ cd /data/wwwroot/default [[email protected] default]# vim index.html
[[email protected] default]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[[email protected] default]# /usr/local/nginx/sbin/nginx -s reload ##改配置文件后重新加载
[[email protected] vhost]# curl localhost
This is the default site.
(如果有错,请查看nginx.con、aaa.com.conf等配置是否有误)
指定默认虚拟主机:
1,vhost aaa 或者 0 等顺序
2,conf里指定default_server
12.8 Nginx用户认证
[[email protected] vhost]# vim test.com.conf
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -s reload
·如果没有安装Apache,那么可以yum安装
[[email protected] vhost]# yum install -y httpd
·如果安装了Apache,那么可以直接使用htpasswd
[[email protected] vhost]# htpasswd -c /usr/local/nginx/conf/htpasswd alex New password: Re-type new password: Adding password for user alex [[email protected] vhost]# htpasswd /usr/local/nginx/conf/htpasswd arron New password: Re-type new password: Adding password for user arro [[email protected] vhost]# !cat cat /usr/local/nginx/conf/htpasswd alex:$apr1$MLMPfmsl$oH/QYxybIFQSNj4xLCh4S/ arron:$apr1$RfKhGXgJ$46dujc2WWwJDfWhhPn0311 (再创建第二个用户则不用 -c ) [[email protected] vhost]# curl -x127.0.0.1:80 test.com -I HTTP/1.1 401 Unauthorized Server: nginx/1.12.2 Date: Tue, 13 Mar 2018 15:25:28 GMT Content-Type: text/html Content-Length: 195 Connection: keep-alive WWW-Authenticate: Basic realm="Auth" [[email protected] vhost]# curl -u alex:123456 -x127.0.0.1:80 test.com <html> ##由于去访问的是index.html,而还未创建,所以404 <head><title>404 Not Found</title></head> <body bgcolor="white"> <center><h1>404 Not Found</h1></center> <hr><center>nginx/1.12.2</center> </body> </html>
·创建test.com主目录,并编辑index.html文件
[[email protected] vhost]# mkdir /data/wwwroot/test.com
[[email protected] vhost]# echo "test.com" > /data/wwwroot/test.com/index.html
[[email protected] vhost]# curl -u alex:123456 -x127.0.0.1:80 test.com
test.com
·如果需求为访问某个目录才需要认证,那么可以改配置文件
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -s reload [[email protected] vhost]# curl -x127.0.0.1:80 test.com test.com [[email protected] vhost]# curl -x127.0.0.1:80 test.com/admin/ <html> <head><title>401 Authorization Required</title></head> <body bgcolor="white"> <center><h1>401 Authorization Required</h1></center> <hr><center>nginx/1.12.2</center> </body> </html> ##此时访问test.com是不需要认证,而在访问admin目录是则被限制 [[email protected] vhost]# vim /data/wwwroot/test.com/admin/ [[email protected] vhost]# mkdir !$ mkdir /data/wwwroot/test.com/admin/ [[email protected] vhost]# echo "test.com admin dir" > /data/wwwroot/test.com/admin/index.html [[email protected] vhost]# curl -ualex:123456 -x127.0.0.1:80 test.com/admin/ test.com admin dir
·针对url限制,例如admin.php,那么可以配置文件定义匹配:
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -s reload [[email protected] vhost]# curl -x127.0.0.1:80 test.com/admin/ test.com admin dir [[email protected] vhost]# curl -x127.0.0.1:80 test.com/admin.php <html> <head><title>401 Authorization Required</title></head> <body bgcolor="white"> <center><h1>401 Authorization Required</h1></center> <hr><center>nginx/1.12.2</center> </body> </html>
(匹配admin.php后,/admin/不做限制,只针对admin.php进行限制)
·
创建admin.php才能访问到,不创建则会有404错误
[[email protected] vhost]# vim /data/wwwroot/test.com/admin.php
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -s reload
[[email protected] vhost]# curl -ualex:123456 -x127.0.0.1:80 test.com/admin.php
test test test
12.9 Nginx域名重定向
[[email protected] vhost]# vim test.com.conf
(如果不是test.com,那么重定向到test.com下,permanent是301)
[[email protected] vhost]# curl -x127.0.0.1:80 test2.com/index.html -I
[[email protected] vhost]# curl -x127.0.0.1:80 test2.com/admin/index.html -I
[[email protected] vhost]# curl -x127.0.0.1:80 test3.com/admin/index.html -I HTTP/1.1 404 Not Found Server: nginx/1.12.2 Date: Tue, 13 Mar 2018 16:02:00 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive [[email protected] vhost]# ls aaa.com.conf test.com.conf
(由于没有定义test3.com,此时他会去访问默认虚拟主机,第一个也就是aaa.com)
如有错误,欢迎指正,互相学习,共同进步!!!
以上是关于2018-3-13 12周2次课 Nginx安装默认虚拟主机用户认证域名重定向的主要内容,如果未能解决你的问题,请参考以下文章
2018-3-16 12周5次课 Nginx负载均衡ssl原理秘钥配置