搭建基本的网站页面

coding

cd /opt/tengine233/html
mkdir a
mkdir b
mkdir c
echo aaa >a/index.html
echo bbb >b/index.html
echo cccc >c/index.html
elinks http://127.0.0.1 --dump

effect

主页面

子页面

访问控制

Solution1 —- white list of IP

code

    server {
        listen       80;
        server_name  localhost;
        charset utf-8;
        #access_log  logs/host.access.log  main;
        #access_log  "pipe:rollback logs/host.access_log interval=1d baknum=7 maxsize=2G"  main;
        location / {
            root   html;
            index  index.html index.htm;
        }
    # /opt/tengine233/html/a/html
    location /a {
        #allow  127.0.0.1;
        deny all;   
    }

effect

redirect 404

code

    server {
        listen       80;
        server_name  localhost;
        charset utf-8;
        #access_log  logs/host.access.log  main;
        #access_log  "pipe:rollback logs/host.access_log interval=1d baknum=7 maxsize=2G"  main;
        location / {
            root   html;
            index  index.html index.htm;
        }
    # /opt/tengine233/html/a/html
    location /a {
        allow  127.0.0.1;
        deny all;
        return 404;   
    }
        error_page  404              /404.html;

effect

redirect website

    server {
        listen       80;
        server_name  localhost;
        charset utf-8;
        #access_log  logs/host.access.log  main;
        #access_log  "pipe:rollback logs/host.access_log interval=1d baknum=7 maxsize=2G"  main;
        location / {
            root   html;
            index  index.html index.htm;
        }
    # /opt/tengine233/html/a/html
    location /a {
        allow  127.0.0.1;
        deny all;
        return https://image.baidu.com/;   
    }
        error_page  404              /404.html;

effect

visit by passwd

ready

1. 处理包依赖
yum -y install httpd-devel-2.4.6-97.el7.centos.1.x86_64
yum -y install httpd-tools
2. 使用htpasswd生成密码,不存在参数为c， 存在则参数为m
touch /opt/nginx/htpasswd
htpasswd -c /opt/nginx/htpasswd sky
3. nginx 配置文件
    location /b {
        auth_basic "登陆验证";
        auth_basic_user_file /etc/nginx/htpasswd;
    }

effect

self-made log

configure

http {
    include       mime.types;
    default_type  application/octet-stream;
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
    #access_log  logs/access.log  main;
    #access_log  "pipe:rollback logs/access_log interval=1d baknum=7 maxsize=2G"  main;
    log_format caesar_01 '[$time_local] $remote_addr "$request" $status'
    server {
    access_log  logs/host.access.log  caesar_01;
    location /a{
    }
  }
}

operation

1. 重载Nginx配置文件
nginx -s reload
2. 访问日志文件，并且动态显示
cd /opt/tengin233/log
tailf host.acess.log
3. 浏览器访问页面

effect

log_format in json

introduction

Nginx访问日志主要有两个参数控制
1. log_ format #用来定义记录日志的格式(可以定义多种日志格式，取不同名字即可)
log. format log. name string
2. access_ log #用来指定日至文件的路径及使用的何种日志格式记录日志
access_ log logs/access.log main;
log. format格式变量:
$remote_addr #记录访问网站的客户端地址
$remote_user #远程客户端用户名
$time_local #记录访问时尚与时区
$request #用户的http请求起始行信息
$status #tp状态码，记录请求返回的状态码，例如: 200、 301、 404等
$body_bytes_sent #服务器发送给客户端的响应body字节数
$http_referer #记录此次请求是从哪个连接访问过来的，可以根据该参 数进行防盗链设置。
$http_user_agent #记录客户端访问信息，例如:浏览器、手机客户端等
$http_x_forwarded for #当前端有代理服务器时，设置web节点记录客户端地址的配置，此参数生效的前是是代服务 器也要进行相关的x_forwarded for设置

cofiguratiion

http {
    include       mime.types;
    default_type  application/octet-stream;
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
    #access_log  logs/access.log  main;
    #access_log  "pipe:rollback logs/access_log interval=1d baknum=7 maxsize=2G"  main;
    #log_format caesar_01 '[$time_local] $remote_addr "$request" $status'
    log_format main_json '{"@timestamp":"$time_iso8601",'
                '"@version":"1",'
                '"server_addr":"$server_addr",'
                '"remote_addr":"$remote_addr",'
                '"host":"$host",'
                '"uri":"$uri",'
                '"body_bytes_sent":$body_bytes_sent,'
                '"bytes_sent":$body_bytes_sent,'
                '"upstream_response_time":$upstream_response_time,'
                '"request":"$request",'
                '"request_length":$request_length,'
                '"request_time":$request_time,'
                '"status":"$status",'
                '"http_referer":"$http_referer",'
                '"http_x_forwarded_for":"$http_x_forwarded_for",'
                '"http_user_agent":"$http_user_agent"'
                '}';
    sendfile        on;
    #tcp_nopush     on;
    #keepalive_timeout  0;
    keepalive_timeout  65;
    gzip  on;
    server {
        listen       80;
        server_name  localhost;
        charset utf-8;
        access_log  logs/host.access.log  main_json;
  }
}

effect

thef link from other

operation

### default website
curl -e "https://www.baidu.com" -I https://www.whereabouts.cn/fly/blog/img/linhaifeng.jpg
curl -e "https://www.google.com" -I https://www.whereabouts.cn/fly/blog/img/linhaifeng.jpg
    location /media {
      valid_referers none blocked server_names *.example.com example.* www.example.org/galleries/~\.google\.;
      if ($invalid_referer){
        return 404;
    }
    alias /opt/whereabouts/media/;
}

configuration

valid_referers none blocked *.ayitula.com;
if ($invalid_referer){
                return 403;
}

refer

reference

https://www.cnblogs.com/htfhtf/p/15174613.html
https://blog.csdn.net/qq_33240556/article/details/121113328
[official doc]
https://nginx.org/en/docs/http/ngx_http_referer_module.html
[Embedded Variables]
https://www.jianshu.com/p/12b9c364b86a
[Python home source]
https://mirrors.huaweicloud.com/python/