配置文件
默认路径:/etc/nginx/nginx.conf
user nobody;
worker_processes 1;
error_log logs/error.log;
error_log logs/error.log notice;
error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
常用技巧
上传大文件
nginx
http {
proxy_connect_timeout 300s;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
client_max_body_size 100m;
client_header_timeout 300s;
client_body_timeout 300s;
}
location ~ \.php(.*)$ {
fastcgi_read_timeout 300s;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
}
php
post_max_size = 100M
upload_max_filesize = 100M
memory_limit = 1024M
max_execution_time = 300
max_input_time = 300
PHP 线程监控
nginx
在相应的虚拟主机配置中添加以下内容
location ~ ^/status$ {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;
}
php-fpm
pm.status_path = /status
配置多个域名
server {
listen 80;
server_name yuwei.cc www.yuwei.cc;#server_name 后跟多个域名用空格隔开即可
}
配置多个站点
借用 Nginx 虚拟主机配置来实现,Nginx 有三种类型的虚拟主机:
基于 IP:需要服务器上有多个地址,每个站点对应不同的地址
基于端口:每个站点对应不同的端口,访问的时候需要后接:port
,可以修改 listen 忽略
基于域名:server_name 填写不同的域名即可
server {
listen 80;
server_name w.yuwei.cc;
location / {
root /opt/w;
index index.html;
}
}
server {
listen 80;
server_name ww.yuwei.cc;
location / {
root /opt/ww;
index index.html;
}
}
server {
listen 80;
server_name www.yuwei.cc;
location / {
root /opt/www;
index index.html;
}
}
开启列目录
Nginx 作为文件下载服务器存在时,需要开启 nginx 列目录
server {
location download {
autoindex on;
autoindex_exact_size off;#默认为 on 显示文件的确切大小,单位是 byte,改为 off 显示文件大概大小,单位 KB 或 MB 或 GB
autoindex_localtime on;#默认为 off 显示的文件时间为 GMT 时间,改为 on 后显示文件服务器时间
}
if ($request_filename ~* ^.*?\.(txt|pdf|jpg|png)$) {#列出的指定格式文件需要先下载
add_header Content-Disposition 'attachment';
}
}
禁止 IP 访问
禁止 IP 或未配置的域名访问,可以利用上边所说的default
规则,将它们都转到 404 页面去
server {
listen 80 default;
server_name _;
return 404;
}
上述方法较粗暴,可以将它们直接301重定向到指定的域名,相当于给站点增加了外链
server {
rewrite ^/(.*)$ https://yuwei.cc/$1 permanent;
}
配置默认站点
如果 Nginx 服务器上创建了多个虚拟主机,默认会从上到下查找,匹配不到虚拟主机则会返回第一个虚拟主机;如果想指定一个默认站点时,可以将这个站点的虚拟主机放在配置文件中第一个虚拟主机的位置,或者在这个站点的虚拟主机上配置listen port default
server {
listen 80 default;
}
404 跳转到首页
网站出现 404页面不是特别友好,我们可以通过上边的配置在出现404之后给自动跳转到首页去
返回验证文件
微信支付等服务需要放一个txt 文件到服务器上进行验证,可以直接修改配置而无需把文件传到服务器指定位置
location = /XGFyic8tZB.txt {
default_type text/plain;
return 200 'd6399a83657vb225615c31c10684e6ac';
}