aoaonginx

发布于 2024年04月05日

:hibiscus: nginx这个所有IT必要会啊,太强大了

nginx web服务器

代理中转访问

server {
    listen 80;

    server_name _;

    location / {
        proxy_pass http://www.google.com;
        proxy_set_header Host www.google.com;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

http反向代理

server {
    listen 80 ;
    listen 443 ssl http2 ;
    server_name aoao.club;
    index index.php index.html index.htm default.php default.htm default.html;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Host $server_name;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    access_log /www/sites/aoao.club/log/access.log;
    error_log /www/sites/aoao.club/log/error.log;
    access_by_lua_file /www/common/waf/access.lua;
    set $RulePath /www/sites/aoao.club/waf/rules;
    set $logdir /www/sites/aoao.club/log;
    set $redirect on;
    set $attackLog on;
    set $CCDeny off;
    set $urlWhiteAllow off;
    set $urlBlockDeny off;
    set $argsDeny off;
    set $postDeny off;
    set $cookieDeny off;
    set $fileExtDeny off;
    set $ipBlockDeny off;
    set $ipWhiteAllow off;
    location ^~ /.well-known/acme-challenge {
        allow all;
        root /usr/share/nginx/html;
    }
    if ($scheme = http) {
        return 301 https://$host$request_uri;
    }
    ssl_certificate /www/sites/aoao.club/ssl/fullchain.pem;
    ssl_certificate_key /www/sites/aoao.club/ssl/privkey.pem;

    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_pass http://127.0.0.1:8081;
    }
}

TCP upstream 负载均衡反向代理

轮询代理

upstream aoao {
        server  123.123.123.123:8081;
        server  123.123.123.123:8081;
}

location /{
   proxy_pass http://hello
}

最少连接负载均衡反向代理

stream {
    upstream aoao {
        least_conn; # 指定使用最少连接算法
        server backend1.example.com:3306;
        server backend2.example.com:3306;
        server backend3.example.com:3306;
    }

    server {
        listen 3306; # 监听端口 3306
        proxy_pass aoao; # 将请求转发到 backend 集群
        proxy_connect_timeout 1s; # 连接超时设置
        proxy_timeout 3s; # 代理超时设置
    }
}

哈希连接负载均衡反向代理

http {
    upstream aoao {
        hash $remote_addr; # 使用客户端 IP 地址作为哈希键值
        server backend1.example.com;
        server backend2.example.com;
    }

    server {
        listen 80;

        location / {
            proxy_pass http://aoao;
        }
    }
}

redirect 重定向跳转

if ($host ~ '^file.aoao.club') {
    return 301 http://test.aoao.club:40072/$request_uri;
}

增加一个超链接

、、、

location = /aoao.xml{
   alias /www/sites/aoao.xml
}

、、、
HTTP状态码

常见状态码及含义

HTTP状态码

常见状态码及含义

状态状态码含义
2xx
200OK,服务器成功返回网页(可以正常给用户响应)
3xx
301Moved Permanently(永久跳转);请求的网页已永久跳转到新位置。类似于搬家
302Moved Temporarily(临时跳转),用户访问页的域名临时进行跳转。用于http-->https
304Not Modified(没有修改),用户访问资源(内容)来自于浏览器缓存
4xx
403Forbidden(禁止访问,权限拒绝)
404Not Found(服务器找不到请求的页面)
5xx
500Internal Server Error(内部服务器错误)
502Bad Gateway(坏的网关),一般是网关服务器请求后端服务器时,后端服务没有按照http协议正确返回结果
503Service Unavailable(服务当前不可用),可能因为超载或停机维护
504Gateway Timeout(网关超时),一般是网关服务器请求后端服务器时,后端服务没有在特定的时间内完成服务


评论