306 lines
8.6 KiB
Markdown
306 lines
8.6 KiB
Markdown
---
|
||
title: Nginx
|
||
date: 2023-09-25 15:42:47
|
||
tags:
|
||
---
|
||
|
||
## Nginx 隐藏版本号
|
||
|
||
nginx配置文件`nginx.conf`里增加 server_tokens off;
|
||
|
||
server_tokens作用域是http server location语句块
|
||
server_tokens默认值是on,表示显示版本信息,设置server_tokens值是off,就可以在所有地方隐藏nginx的版本信息。
|
||
|
||
```conf
|
||
http{
|
||
server_tokens off;
|
||
}
|
||
```
|
||
|
||
修改`fastcgi_params`和`fastcgi.conf`文件
|
||
|
||
将两个文件中的
|
||
|
||
```conf
|
||
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
|
||
```
|
||
|
||
修改为
|
||
|
||
```conf
|
||
fastcgi_param SERVER_SOFTWARE nginx;
|
||
```
|
||
|
||
重启Nginx服务
|
||
|
||
## 配置
|
||
|
||
```conf
|
||
|
||
#user nobody;
|
||
worker_processes 1;
|
||
|
||
#error_log logs/error.log;
|
||
#error_log logs/error.log notice;
|
||
#error_log logs/error.log info;
|
||
|
||
#pid logs/nginx.pid;
|
||
|
||
|
||
events {
|
||
worker_connections 1024;
|
||
}
|
||
|
||
|
||
http {
|
||
include mime.types;
|
||
default_type application/octet-stream;
|
||
|
||
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||
# '$status $body_bytes_sent "$http_referer" '
|
||
# '"$http_user_agent" "$http_x_forwarded_for"';
|
||
|
||
#access_log logs/access.log main;
|
||
|
||
sendfile on;
|
||
#tcp_nopush on;
|
||
|
||
#keepalive_timeout 0;
|
||
keepalive_timeout 65;
|
||
|
||
server_tokens off;
|
||
|
||
# 开启gzip
|
||
gzip on;
|
||
# 禁用IE 6 gzip
|
||
gzip_buffers 32 4k;
|
||
# gzip 压缩级别,1-9,数字越大压缩的越好,也越占用CPU时间,后面会有详细说明
|
||
gzip_comp_level 6;
|
||
# 启用gzip压缩的最小文件,小于设置值的文件将不会压缩
|
||
gzip_min_length 1k;
|
||
# 进行压缩的文件类型。javascript有多种形式。其中的值可以在 mime.types 文件中找到。
|
||
gzip_types application/javascript text/css text/xml;
|
||
# 禁用IE 6 gzip
|
||
gzip_disable "MSIE [1-6]\."; #配置禁用gzip条件,支持正则。此处表示ie6及以下不启用gzip(因为ie低版本不支持)
|
||
# 是否在http header中添加Vary: Accept-Encoding,建议开启
|
||
gzip_vary on;
|
||
# map $http_upgrade $connection_upgrade {
|
||
# default upgrade;
|
||
# '' close;
|
||
# }
|
||
|
||
map $http_connection $connection_upgrade {
|
||
"~*Upgrade" $http_connection;
|
||
default keep-alive;
|
||
}
|
||
server {
|
||
listen 7779;
|
||
server_name localhost;
|
||
|
||
#charset koi8-r;
|
||
|
||
#access_log logs/host.access.log main;
|
||
|
||
#location / {
|
||
# root html;
|
||
# index index.html index.htm;
|
||
#}
|
||
|
||
root html/dist;
|
||
index index.html index.htm;
|
||
|
||
# 根请求会指向的页面
|
||
location / {
|
||
# 此处的 @router 实际上是引用下面的转发,否则在 Vue 路由刷新时可能会抛出 404
|
||
try_files $uri $uri/ @router;
|
||
# 请求指向的首页
|
||
index index.html;
|
||
}
|
||
|
||
location @router {
|
||
rewrite ^.*$ /index.html last;
|
||
}
|
||
|
||
#error_page 404 /404.html;
|
||
|
||
# redirect server error pages to the static page /50x.html
|
||
#
|
||
#error_page 500 502 503 504 /50x.html;
|
||
#location = /50x.html {
|
||
# root html;
|
||
#}
|
||
|
||
location /prod-api {
|
||
proxy_set_header Host $http_host;
|
||
proxy_set_header X-Real-IP $remote_addr;
|
||
#proxy_set_header REMOTE-HOST $remote_addr;
|
||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||
proxy_set_header Cookie $http_cookie;
|
||
proxy_pass http://127.0.0.1:50;
|
||
proxy_redirect off;
|
||
|
||
proxy_set_header HTTP-X-REQUESTED-WITH $http_x_requested_with;
|
||
proxy_set_header HTTP_X_REQUESTED_WITH $http_x_requested_with;
|
||
proxy_set_header x-requested-with $http_x_requested_with;
|
||
client_max_body_size 10m;
|
||
client_body_buffer_size 128k;
|
||
proxy_connect_timeout 90;
|
||
proxy_send_timeout 90;
|
||
proxy_read_timeout 90;
|
||
proxy_buffer_size 128k;
|
||
proxy_buffers 32 32k;
|
||
proxy_busy_buffers_size 128k;
|
||
proxy_temp_file_write_size 128k;
|
||
rewrite ^/prod-api/(.*) /$1 break;
|
||
}
|
||
|
||
location /msghub {
|
||
proxy_pass http://127.0.0.1:50/msgHub;
|
||
|
||
# Configuration for WebSockets
|
||
proxy_set_header Upgrade $http_upgrade;
|
||
proxy_set_header Connection $connection_upgrade;
|
||
proxy_cache off;
|
||
# WebSockets were implemented after http/1.0
|
||
proxy_http_version 1.1;
|
||
|
||
# Configuration for ServerSentEvents
|
||
proxy_buffering off;
|
||
|
||
# Configuration for LongPolling or if your KeepAliveInterval is longer than 60 seconds
|
||
proxy_read_timeout 100s;
|
||
|
||
proxy_set_header Host $host;
|
||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||
proxy_set_header X-Forwarded-Proto $scheme;
|
||
}
|
||
|
||
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
|
||
#
|
||
#location ~ \.php$ {
|
||
# proxy_pass http://127.0.0.1;
|
||
#}
|
||
|
||
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
|
||
#
|
||
#location ~ \.php$ {
|
||
# root html;
|
||
# fastcgi_pass 127.0.0.1:9000;
|
||
# fastcgi_index index.php;
|
||
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
|
||
# include fastcgi_params;
|
||
#}
|
||
|
||
# deny access to .htaccess files, if Apache's document root
|
||
# concurs with nginx's one
|
||
#
|
||
#location ~ /\.ht {
|
||
# deny all;
|
||
#}
|
||
}
|
||
|
||
server {
|
||
listen 8087;
|
||
server_name localhost;
|
||
|
||
root html/dist1;
|
||
index index.html index.htm;
|
||
|
||
# 根请求会指向的页面
|
||
location / {
|
||
# 此处的 @router 实际上是引用下面的转发,否则在 Vue 路由刷新时可能会抛出 404
|
||
try_files $uri $uri/ @router;
|
||
# 请求指向的首页
|
||
index index.html;
|
||
}
|
||
|
||
location @router {
|
||
rewrite ^.*$ /index.html last;
|
||
}
|
||
|
||
location /prod-api {
|
||
proxy_set_header Host $http_host;
|
||
proxy_set_header X-Real-IP $remote_addr;
|
||
#proxy_set_header REMOTE-HOST $remote_addr;
|
||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||
proxy_set_header Cookie $http_cookie;
|
||
proxy_pass http://127.0.0.1:8888;
|
||
proxy_redirect off;
|
||
|
||
proxy_set_header HTTP-X-REQUESTED-WITH $http_x_requested_with;
|
||
proxy_set_header HTTP_X_REQUESTED_WITH $http_x_requested_with;
|
||
proxy_set_header x-requested-with $http_x_requested_with;
|
||
client_max_body_size 10m;
|
||
client_body_buffer_size 128k;
|
||
proxy_connect_timeout 90;
|
||
proxy_send_timeout 90;
|
||
proxy_read_timeout 90;
|
||
proxy_buffer_size 128k;
|
||
proxy_buffers 32 32k;
|
||
proxy_busy_buffers_size 128k;
|
||
proxy_temp_file_write_size 128k;
|
||
rewrite ^/prod-api/(.*) /$1 break;
|
||
}
|
||
|
||
location /msghub {
|
||
proxy_pass http://127.0.0.1:8888/msgHub;
|
||
|
||
# Configuration for WebSockets
|
||
proxy_set_header Upgrade $http_upgrade;
|
||
proxy_set_header Connection $connection_upgrade;
|
||
proxy_cache off;
|
||
# WebSockets were implemented after http/1.0
|
||
proxy_http_version 1.1;
|
||
|
||
# Configuration for ServerSentEvents
|
||
proxy_buffering off;
|
||
|
||
# Configuration for LongPolling or if your KeepAliveInterval is longer than 60 seconds
|
||
proxy_read_timeout 100s;
|
||
|
||
proxy_set_header Host $host;
|
||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||
proxy_set_header X-Forwarded-Proto $scheme;
|
||
}
|
||
|
||
}
|
||
# another virtual host using mix of IP-, name-, and port-based configuration
|
||
#
|
||
#server {
|
||
# listen 8000;
|
||
# listen somename:8080;
|
||
# server_name somename alias another.alias;
|
||
|
||
# location / {
|
||
# root html;
|
||
# index index.html index.htm;
|
||
# }
|
||
#}
|
||
|
||
|
||
# HTTPS server
|
||
#
|
||
#server {
|
||
# listen 443 ssl;
|
||
# server_name localhost;
|
||
|
||
# ssl_certificate cert.pem;
|
||
# ssl_certificate_key cert.key;
|
||
|
||
# ssl_session_cache shared:SSL:1m;
|
||
# ssl_session_timeout 5m;
|
||
|
||
# ssl_ciphers HIGH:!aNULL:!MD5;
|
||
# ssl_prefer_server_ciphers on;
|
||
|
||
# location / {
|
||
# root html;
|
||
# index index.html index.htm;
|
||
# }
|
||
#}
|
||
|
||
}
|
||
|
||
```
|
||
|