nginx用户认证

添加用户

1
adduser test && passwd test

在配置文件中添加

1
2
3
4
5
location  \ {
    auth_basic "请输入用户名和密码";
    auth_basic_user_file conf.d/htpasswd; #注意你用户的存放的路径
    autoindex on;
}

nginx的域名重定向

1
2
3
4
5
6
7
server {
    ........
    if ($host != 'node12.com'){
	    rewrite ^/(.*) http://node12.com/$1 permanent;
    }   
    ........
}

nginx限流

1
2
3
4
5
6
7
8
9
10
11
http {
    ........
    limit_req_zone $binary_remote_addr zone=one:10m rate=10r/s;    # $binary_remote_addr: 远程客户端IP; rate=10r/s: 限制频率为每秒10个请求
    ........
}

server {
    location ~ \.php$ {
        limit_req zone=one burst=5 nodelay;    # burst=5: 允许超过频率限制的请求数不多于5个
    }
}

nginx 限制爬虫、禁止爬虫

1
2
3
4
5
6
7
8
# 禁止Scrapy等工具的抓取
server {
    ........
    if ($http_user_agent ~* (Scrapy|Curl|HttpClient)) {
         return 403;
    }
    ........
}

nginx 针对请求的URI来代理

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
upstream aa.com {         
    server 192.168.0.121;
    server 192.168.0.122;  
}
upstream bb.com {  
    server 192.168.0.123;
    server 192.168.0.124;
}
server {
    listen       80;
    server_name  www.abc.com;
    
    # 请求到这个URI是就代理到aa.com的机器上
    location ~ aa.php{
            proxy_pass http://aa.com/;
            proxy_set_header Host   $host;
            proxy_set_header X-Real-IP      $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    # 请求到这个URI是就代理到bb.com的机器上
    location ~ bb.php {
              proxy_pass http://bb.com/;
              proxy_set_header Host   $host;
              proxy_set_header X-Real-IP      $remote_addr;
              proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

nginx配置防盗链

1
2
3
4
5
6
7
8
9
10
11
12
server {
    ........
    location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)$ {   
        invalid_referers none blocked server_names  *.taobao.com *.baidu.com *.google.com *.google.cn *.soso.com ;  // 对这些域名的网站不进行盗链。
                
        if ($invalid_referer) {
            rewrite ^/ http://www.example.com/nophoto.gif;
        }
                
    }
    ........
}

nginx静态文件不记录日志,配置缓存

1
2
3
4
5
6
7
8
9
10
11
12
server {
    ........
    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
      expires      30d;
      access_log off;
    }

    location ~ .*\.(js|css)$ {
      expires      12h;
      access_log off;
    }
}