From eb6829df8a9cab7f5828365af974fe97f8124b71 Mon Sep 17 00:00:00 2001 From: "YUN-PC5\\user" Date: Thu, 28 Sep 2023 16:21:46 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9Enginx=E6=96=87=E6=A1=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- source/_posts/Nginx.md | 305 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 305 insertions(+) create mode 100644 source/_posts/Nginx.md diff --git a/source/_posts/Nginx.md b/source/_posts/Nginx.md new file mode 100644 index 0000000..65e3ac2 --- /dev/null +++ b/source/_posts/Nginx.md @@ -0,0 +1,305 @@ +--- +title: Nginx +date: 2023-09-25 15:42:47 +tags: +--- + +## Nginx 隐藏版本号 + +nginx配置文件`nginx.conf`里增加 server_tokens off; + +server_tokens作用域是http server location语句块 +server_tokens默认值是on,表示显示版本信息,设置server_tokens值是off,就可以在所有地方隐藏nginx的版本信息。 + +```conf +http{ + server_tokens off; +} +``` + +修改`fastcgi_params`和`fastcgi.conf`文件 + +将两个文件中的 + +```conf +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; +``` + +修改为 + +```conf +fastcgi_param SERVER_SOFTWARE nginx; +``` + +重启Nginx服务 + +## 配置 + +```conf + +#user nobody; +worker_processes 1; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid logs/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + + server_tokens off; + + # 开启gzip + gzip on; + # 禁用IE 6 gzip + gzip_buffers 32 4k; + # gzip 压缩级别,1-9,数字越大压缩的越好,也越占用CPU时间,后面会有详细说明 + gzip_comp_level 6; + # 启用gzip压缩的最小文件,小于设置值的文件将不会压缩 + gzip_min_length 1k; + # 进行压缩的文件类型。javascript有多种形式。其中的值可以在 mime.types 文件中找到。 + gzip_types application/javascript text/css text/xml; + # 禁用IE 6 gzip + gzip_disable "MSIE [1-6]\."; #配置禁用gzip条件,支持正则。此处表示ie6及以下不启用gzip(因为ie低版本不支持) + # 是否在http header中添加Vary: Accept-Encoding,建议开启 + gzip_vary on; + # map $http_upgrade $connection_upgrade { + # default upgrade; + # '' close; + # } + + map $http_connection $connection_upgrade { + "~*Upgrade" $http_connection; + default keep-alive; + } + server { + listen 7779; + server_name localhost; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + #location / { + # root html; + # index index.html index.htm; + #} + + root html/dist; + index index.html index.htm; + + # 根请求会指向的页面 + location / { + # 此处的 @router 实际上是引用下面的转发,否则在 Vue 路由刷新时可能会抛出 404 + try_files $uri $uri/ @router; + # 请求指向的首页 + index index.html; + } + + location @router { + rewrite ^.*$ /index.html last; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + #error_page 500 502 503 504 /50x.html; + #location = /50x.html { + # root html; + #} + + location /prod-api { + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + #proxy_set_header REMOTE-HOST $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Cookie $http_cookie; + proxy_pass http://127.0.0.1:50; + proxy_redirect off; + + proxy_set_header HTTP-X-REQUESTED-WITH $http_x_requested_with; + proxy_set_header HTTP_X_REQUESTED_WITH $http_x_requested_with; + proxy_set_header x-requested-with $http_x_requested_with; + client_max_body_size 10m; + client_body_buffer_size 128k; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffer_size 128k; + proxy_buffers 32 32k; + proxy_busy_buffers_size 128k; + proxy_temp_file_write_size 128k; + rewrite ^/prod-api/(.*) /$1 break; + } + + location /msghub { + proxy_pass http://127.0.0.1:50/msgHub; + + # Configuration for WebSockets + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_cache off; + # WebSockets were implemented after http/1.0 + proxy_http_version 1.1; + + # Configuration for ServerSentEvents + proxy_buffering off; + + # Configuration for LongPolling or if your KeepAliveInterval is longer than 60 seconds + proxy_read_timeout 100s; + + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} + } + + server { + listen 8087; + server_name localhost; + + root html/dist1; + index index.html index.htm; + + # 根请求会指向的页面 + location / { + # 此处的 @router 实际上是引用下面的转发,否则在 Vue 路由刷新时可能会抛出 404 + try_files $uri $uri/ @router; + # 请求指向的首页 + index index.html; + } + + location @router { + rewrite ^.*$ /index.html last; + } + + location /prod-api { + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + #proxy_set_header REMOTE-HOST $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Cookie $http_cookie; + proxy_pass http://127.0.0.1:8888; + proxy_redirect off; + + proxy_set_header HTTP-X-REQUESTED-WITH $http_x_requested_with; + proxy_set_header HTTP_X_REQUESTED_WITH $http_x_requested_with; + proxy_set_header x-requested-with $http_x_requested_with; + client_max_body_size 10m; + client_body_buffer_size 128k; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffer_size 128k; + proxy_buffers 32 32k; + proxy_busy_buffers_size 128k; + proxy_temp_file_write_size 128k; + rewrite ^/prod-api/(.*) /$1 break; + } + + location /msghub { + proxy_pass http://127.0.0.1:8888/msgHub; + + # Configuration for WebSockets + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_cache off; + # WebSockets were implemented after http/1.0 + proxy_http_version 1.1; + + # Configuration for ServerSentEvents + proxy_buffering off; + + # Configuration for LongPolling or if your KeepAliveInterval is longer than 60 seconds + proxy_read_timeout 100s; + + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + + } + # another virtual host using mix of IP-, name-, and port-based configuration + # + #server { + # listen 8000; + # listen somename:8080; + # server_name somename alias another.alias; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + + + # HTTPS server + # + #server { + # listen 443 ssl; + # server_name localhost; + + # ssl_certificate cert.pem; + # ssl_certificate_key cert.key; + + # ssl_session_cache shared:SSL:1m; + # ssl_session_timeout 5m; + + # ssl_ciphers HIGH:!aNULL:!MD5; + # ssl_prefer_server_ciphers on; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + +} + +``` +