正向代理服務器:局域網內的主機通過一個正向代理服務器訪問外網服務器,並將外網服務器上的結果返回給局域網內的主機; 反向代理服務器:來自Internet上的請求通過反向代理服務器來訪問局域網內的服務器,並將從局域網服務器得到的結果返回給Internet上請求連接的客戶端;
The way nginx and its modules work is determined in the configuration file.
By default, the configuration file is named nginx.conf and placed in the directory /usr/local/nginx/conf, /etc/nginx, or /usr/local/etc/nginx.
Starting, Stopping, and Reloading Configuration
To start nginx, run the executable file. Once nginx is started, it can be controlled by invoking the executable with the -s parameter. Use the following syntax:
nginx -s signal
Where signal may be one of the following:
stop — fast shutdown
quit — graceful shutdown
reload — reloading the configuration file
reopen — reopening the log files
For example, to stop nginx processes with waiting for the worker processes to finish serving current requests, the following command can be executed:
nginx -s quit
This command should be executed under the same user that started nginx.
Changes made in the configuration file will not be applied until the command to reload configuration is sent to nginx or it is restarted. To reload configuration, execute:
nginx -s reload
Once the master process receives the signal to reload configuration, it checks the syntax validity of the new configuration file and tries to apply the configuration provided in it. If this is a success, the master process starts new worker processes and sends messages to old worker processes, requesting them to shut down. Otherwise, the master process rolls back the changes and continues to work with the old configuration. Old worker processes, receiving a command to shut down, stop accepting new connections and continue to service current requests until all such requests are serviced. After that, the old worker processes exit.
A signal may also be sent to nginx processes with the help of Unix tools such as the kill utility. In this case a signal is sent directly to a process with a given process ID. The process ID of the nginx master process is written, by default, to the nginx.pid in the directory /usr/local/nginx/logs or /var/run. For example, if the master process ID is 1628, to send the QUIT signal resulting in nginx’s graceful shutdown, execute:
kill -s QUIT 1628
For getting the list of all running nginx processes, the ps utility may be used, for example, in the following way:
ps -ax | grep nginx
For more information on sending signals to nginx, see Controlling nginx.
http://nginx.org/en/docs/beginners_guide.html
rewrite通過正則表達式的使用來改變URI,可以同時存在一個或者多個指令,按照順序依次對URL進行匹配和處理(使用break可以依次處理,其它不可以)。
rewrite語法:rewrite regex replacement [falg];regex用於匹配URI的正則表達式。使用括號“()”標記想要截取的內容。
flag由以下幾個選項:last,break,redirect,permanent
說明:
rewrite接收到的URI不包含host地址。因此regex不可能匹配到URI的host地址
例如URL: http://myweb.com/source?arg1=value1&arg2=value2
rewrite指令接收到的URI為"/source“,不包含"?arg1=value1&arg2=value2"
replace,匹配成功后用於替換URI中被截取內容的字符串。默認情況下,如果該字符串是由”http://"或者"https://"開頭的,則不會繼續向下對URI進行其它處理,而直接將重寫后的URI返回給客戶端。
rewrite模塊接收到的URI不包含URL中的請求信息(queryString),如果我們希望將這些指令傳給重寫后的URI,需要怎么做呢?
Nginx全局變量$request_uri可以幫忙,
rewrite myweb.com http://example.com$request_uri? permanent;
幾個名詞解析:
$request_uri This variable is equal to the *original* request URI as received from the client including the args.
It cannot be modified. Look at $uri for the post-rewrite/altered URI. Does not include host name.
Example: "/foo/bar.php?arg=baz" 這個變量等於從客戶端發送來的原生請求URI,包括參數。它不可以進行修改。$uri變量反映的是重寫后/改變的URI。不包括主機名。
例如:"/foo/bar.php?arg=baz" $uri This variable is the current request URI, without any arguments (see argsforthose).
This variable will reflect any modification sdonesofarbyinternalredirectsortheindexmodule.
Note this maybe different from args for those).
This variable will reflect any modificationsdones ofarbyinternalredirectsortheindexmodule.
Notethismaybedifferentfromrequest_uri, as $request_uri is what was originally sent by the browser before any such modifications.
Does not include the protocol or host name. Example: /foo/bar.html 這個變量指當前的請求URI,不包括任何參數(見args)。這個變量反映任何內部重定向或index模塊所做的修改。
注意,這和args)。這個變量反映任何內部重定向或index模塊所做的修改。注意,這和request_uri不同,因$request_uri是瀏覽器發起的不做任何修改的原生URI。
不包括協議及主機名。例如:"/foo/bar.html" $document_uri The same as $uri. 同$uri.
處理query_string
(1)什么是query_string:
http://i.cnblogs.com/EditPosts.aspx?opt=1
上面鏈接中的?后面的opt=1就是query_string,即url中?后面的都是
(2)nginx中如何獲取到上面的值。本例以query_string有一個key為例,多個就是多個正則引用$1,$2的區別而已
nginx中全局變量$args和$query_string中存放的數據就是請求的url中帶的query_string
如何獲取query_string中key對應的value呢,以上面的鏈接為例,就是key:opt 對應的value: 1
方法1:下面使用了permanent,因為使用last沒有生效。那個大神給看看是什么原因
last沒有生效的原因是:
last,終止繼續在本location塊中處理接收到的URI,並將此處重寫的URI作為一個新的URI,使用各location塊進行處理。
last標志將重寫后的URI重新在server塊中執行,為重寫后的URI提供了轉入到其它location塊的機會
看到這時,是不是有的小伙伴已經發現一個bug,下面的是不是就死循環了:
location /myweb/{
rewrite ^(/myweb/.*)/media/(.*)\..*$ myweb/$1/mp3/$2.mp3 last;
}
的確會出現死循環,
因為使用last,相當於一個新請求進來,再重新走一遍location。重寫后的URI會被該location塊重新匹配到
Nginx服務器遇到這種情況,會嘗試10次循環之后返回錯誤狀態代碼500
rewrite中與last容易混淆的幾個用來設置rewrite對URI處理行為的flag,也簡單介紹一下:
break,將此處重寫的URI作為一個新的URI,在本塊中繼續進行處理。該標志將重寫后的地址在當前的location塊中執行,不會將新的URI轉向到其他location塊
redirect,將重寫后的URI返回給客戶端,狀態代碼為302,指明是臨時重定向URI,主要用在replacement變量不是以"http://"或"https://"開頭的情況下
permanent,將重寫后的URI返回給客戶端,狀態代碼301,指明是永久重定向URI,
location /EditPosts.aspx {
if ($args ~ opt=(\d+)){
set $opt $1; #將截取到的opt對應的值$1賦值給變量$opt(變量必須以$開頭,並且不能與nginx預設的全局變量同名)以備后用。
rewrite /(.*)\.aspx /$1/$opt? permanent; #最后的?很關鍵,表示正則結束,不然rewrite后的url會變成/EditPosts/1?opt=1
}
}
在正則表達式中可以,可以使用小括號對變量值進行截取,在花括號中使用$1...$9引用截取的值(注意,$后面的數字從1開始的哦)
方法2:
location /EditPosts.aspx {
if ($args ~ opt=(\d+)){
rewrite /(\w*)\.aspx /$1/$arg_opt? permanent; #即$arg_query_string中key代表的字符串
}
}
log_format及nginx的部分預設全局變量的值:
log_format main '$remote_addr - $remote_user [$time_local] "$uri" - "$request_uri" -"$request" -"$status" "$http_referer" "$http_user_agent" ' ' "$http_x_forwarded_for" "$request_time" ' '[$cookie_customerID_cookie_flag] [$args]' ; 127.0.0.1 - - [11/Jul/2016:17:11:56 +0800] "/bbs/index.html" - "/bbs/" -"GET /bbs/ HTTP/1.1" -"200" "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36" "-" "0.000" [-] [-] 127.0.0.1 - - [11/Jul/2016:17:11:57 +0800] "/vender/AdminLTE/AdminLTE.min.css" - "/vender/AdminLTE/AdminLTE.min.css" -"GET /vender/AdminLTE/AdminLTE.min.css HTTP/1.1" -"200" "http://localhost/bbs/" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36" "-" "0.000" [-] [-] 127.0.0.1 - - [11/Jul/2016:17:11:57 +0800] "/vender/bootstrap_v3.3.5/css/bootstrap.min.css" - "/vender/bootstrap_v3.3.5/css/bootstrap.min.css" -"GET /vender/bootstrap_v3.3.5/css/bootstrap.min.css HTTP/1.1" -"200" "http://localhost/bbs/" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36" "-" "0.000" [-] [-]
粘一個匹配過程:
location / {
root D:/workspace/webapp;
index index.html index.htm;
}
location /api {
proxy_pass http://localhsot:9090/api;
}
location /topic/view {
rewrite /topic/view/(.*) /topic/#/$1 permanent;
}
location ~ /topic/module/\d+ {
if ($args ~ type=(\d+)){
#set $type $1;
#rewrite /topic/module/(\d+) /hello/#/$1?cid=$type? permanent;
rewrite /topic/module/(\d+) /hello/#/$1?cid=$arg_type? permanent;
}
rewrite /topic/module/(\d+) /hello/#/$1 permanent;
}
2016/07/12 18:44:23 [debug] 3580#292: post event 0054E058
2016/07/12 18:44:23 [debug] 3580#292: delete posted event 0054E058
2016/07/12 18:44:23 [debug] 3580#292: accept on 0.0.0.0:80, ready: 0
2016/07/12 18:44:23 [debug] 3580#292: malloc: 00512E08:256
2016/07/12 18:44:23 [debug] 3580#292: *89 accept: 127.0.0.1:49491 fd:400
2016/07/12 18:44:23 [debug] 3580#292: *89 event timer add: 400: 60000:3736476011
2016/07/12 18:44:23 [debug] 3580#292: *89 reusable connection: 1
2016/07/12 18:44:23 [debug] 3580#292: *89 select add event fd:400 ev:0
2016/07/12 18:44:23 [debug] 3580#292: *89 post event 0054E0A8
2016/07/12 18:44:23 [debug] 3580#292: *89 delete posted event 0054E0A8
2016/07/12 18:44:23 [debug] 3580#292: *89 http wait request handler
2016/07/12 18:44:23 [debug] 3580#292: *89 malloc: 005211A0:1024
2016/07/12 18:44:23 [debug] 3580#292: *89 WSARecv: fd:400 rc:0 444 of 1024
2016/07/12 18:44:23 [debug] 3580#292: *89 reusable connection: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 malloc: 00518010:4096
2016/07/12 18:44:23 [debug] 3580#292: *89 http process request line
2016/07/12 18:44:23 [debug] 3580#292: *89 http request line: "GET /topic/module/7?channel=3 HTTP/1.1"
2016/07/12 18:44:23 [debug] 3580#292: *89 http uri: "/topic/module/7"
2016/07/12 18:44:23 [debug] 3580#292: *89 http args: "channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http exten: ""
2016/07/12 18:44:23 [debug] 3580#292: *89 http process request header line
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Host: localhost"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Connection: keep-alive"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Upgrade-Insecure-Requests: 1"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Accept-Encoding: gzip, deflate, sdch"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Accept-Language: zh-CN,zh;q=0.8"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Cookie: JSESSIONID=608D2B53198A02DE2B977D976A6DE026"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header done
2016/07/12 18:44:23 [debug] 3580#292: *89 event timer del: 400: 3736476011
2016/07/12 18:44:23 [debug] 3580#292: *89 generic phase: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 rewrite phase: 1
2016/07/12 18:44:23 [debug] 3580#292: *89 test location: "/"
2016/07/12 18:44:23 [debug] 3580#292: *89 test location: "api"
2016/07/12 18:44:23 [debug] 3580#292: *89 test location: "topic/view"
2016/07/12 18:44:23 [debug] 3580#292: *89 test location: ~ "/topic/module/\d+"
2016/07/12 18:44:23 [debug] 3580#292: *89 using configuration "/topic/module/\d+"
2016/07/12 18:44:23 [debug] 3580#292: *89 http cl:-1 max:1048576
2016/07/12 18:44:23 [debug] 3580#292: *89 rewrite phase: 3
2016/07/12 18:44:23 [debug] 3580#292: *89 http script var
2016/07/12 18:44:23 [debug] 3580#292: *89 http script var: "channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script regex: "channel=(\d+)"
2016/07/12 18:44:23 [notice] 3580#292: *89 "channel=(\d+)" matches "channel=3", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script if
2016/07/12 18:44:23 [debug] 3580#292: *89 http script regex: "/topic/module/(\d+)"
2016/07/12 18:44:23 [notice] 3580#292: *89 "/topic/module/(\d+)" matches "/topic/module/7", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script copy: "/bbs/#/"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script capture: "7"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script copy: "?cid="
2016/07/12 18:44:23 [debug] 3580#292: *89 http script var: "3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script regex end
2016/07/12 18:44:23 [notice] 3580#292: *89 rewritten redirect: "/bbs/#/7?cid=3", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 18:44:23 [debug] 3580#292: *89 http finalize request: 301, "/topic/module/7?channel=3" a:1, c:1
2016/07/12 18:44:23 [debug] 3580#292: *89 http special response: 301, "/topic/module/7?channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http set discard body
2016/07/12 18:44:23 [debug] 3580#292: *89 HTTP/1.1 301 Moved Permanently
Server: nginx/1.10.1
Date: Tue, 12 Jul 2016 10:44:23 GMT
Content-Type: text/html
Content-Length: 185
Location: http://localhost/bbs/#/7?cid=3
Connection: keep-alive
2016/07/12 18:44:23 [debug] 3580#292: *89 write new buf t:1 f:0 0051896C, pos 0051896C, size: 205 file: 0, size: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 http write filter: l:0 f:0 s:205
2016/07/12 18:44:23 [debug] 3580#292: *89 http output filter "/topic/module/7?channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http copy filter: "/topic/module/7?channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http postpone filter "/topic/module/7?channel=3" 00518B04
2016/07/12 18:44:23 [debug] 3580#292: *89 write old buf t:1 f:0 0051896C, pos 0051896C, size: 205 file: 0, size: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 write new buf t:0 f:0 00000000, pos 00EC39D8, size: 132 file: 0, size: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 write new buf t:0 f:0 00000000, pos 00EC3780, size: 53 file: 0, size: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 http write filter: l:1 f:0 s:390
2016/07/12 18:44:23 [debug] 3580#292: *89 http write filter limit 0
2016/07/12 18:44:23 [debug] 3580#292: *89 WSASend: fd:400, s:390
2016/07/12 18:44:23 [debug] 3580#292: *89 http write filter 00000000
2016/07/12 18:44:23 [debug] 3580#292: *89 http copy filter: 0 "/topic/module/7?channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http finalize request: 0, "/topic/module/7?channel=3" a:1, c:1
2016/07/12 18:44:23 [debug] 3580#292: *89 set http keepalive handler
2016/07/12 18:44:23 [debug] 3580#292: *89 http close request
2016/07/12 18:44:23 [debug] 3580#292: *89 http log handler
2016/07/12 18:44:23 [debug] 3580#292: *89 free: 00518010, unused: 1022
2016/07/12 18:44:23 [debug] 3580#292: *89 free: 005211A0
2016/07/12 18:44:23 [debug] 3580#292: *89 hc free: 00000000 0
2016/07/12 18:44:23 [debug] 3580#292: *89 hc busy: 00000000 0
2016/07/12 18:44:23 [debug] 3580#292: *89 tcp_nodelay
上面提到的問題解決了,原因是如下:
2016/07/12 20:13:28 [debug] 4044#3764: *15 http process request line
2016/07/12 20:13:28 [debug] 4044#3764: *15 http request line: "GET /topic/module/7?channel=3 HTTP/1.1"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http uri: "/topic/module/7"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http args: "channel=3"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http exten: ""
2016/07/12 20:13:28 [debug] 4044#3764: *15 http process request header line
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Host: localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Connection: keep-alive"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Upgrade-Insecure-Requests: 1"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Accept-Encoding: gzip, deflate, sdch"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Accept-Language: zh-CN,zh;q=0.8"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header done
2016/07/12 20:13:28 [debug] 4044#3764: *15 event timer del: 400: 3741821009
2016/07/12 20:13:28 [debug] 4044#3764: *15 generic phase: 0
2016/07/12 20:13:28 [debug] 4044#3764: *15 rewrite phase: 1
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "/"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "api"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "topic/view"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: ~ "/topic/module/\d+"
2016/07/12 20:13:28 [debug] 4044#3764: *15 using configuration "/topic/module/\d+"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http cl:-1 max:1048576
2016/07/12 20:13:28 [debug] 4044#3764: *15 rewrite phase: 3
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script var
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script var: "channel=3"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script regex: "channel=(\d+)"
2016/07/12 20:13:28 [notice] 4044#3764: *15 "channel=(\d+)" matches "channel=3", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script if
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script regex: "/topic/module/(\d+)"
2016/07/12 20:13:28 [notice] 4044#3764: *15 "/topic/module/(\d+)" matches "/topic/module/7", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script copy: "/bbs/#/"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script capture: "7"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script args
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script copy: "cid="
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script var: "3"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script regex end
2016/07/12 20:13:28 [notice] 4044#3764: *15 rewritten data: "/bbs/#/7", args: "cid=3", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 post rewrite phase: 4
2016/07/12 20:13:28 [debug] 4044#3764: *15 uri changes: 11
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "/"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "api"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "topic/view"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: ~ "/topic/module/\d+"
2016/07/12 20:13:28 [debug] 4044#3764: *15 using configuration "/"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http cl:-1 max:1048576
2016/07/12 20:13:28 [debug] 4044#3764: *15 rewrite phase: 3
2016/07/12 20:13:28 [debug] 4044#3764: *15 post rewrite phase: 4
2016/07/12 20:13:28 [debug] 4044#3764: *15 generic phase: 5
2016/07/12 20:13:28 [debug] 4044#3764: *15 generic phase: 6
2016/07/12 20:13:28 [debug] 4044#3764: *15 generic phase: 7
2016/07/12 20:13:28 [debug] 4044#3764: *15 access phase: 8
2016/07/12 20:13:28 [debug] 4044#3764: *15 access phase: 9
2016/07/12 20:13:28 [debug] 4044#3764: *15 access phase: 10
2016/07/12 20:13:28 [debug] 4044#3764: *15 post access phase: 11
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 12
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 13
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 14
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 15
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 16
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 17
2016/07/12 20:13:28 [debug] 4044#3764: *15 http filename: "D:/workspace/webapp/bbs/#/7"
2016/07/12 20:13:28 [debug] 4044#3764: *15 add cleanup: 00DF8948
2016/07/12 20:13:28 [error] 4044#3764: *15 CreateFile() "D:/workspace/webapp/bbs/#/7" failed (3: The system cannot find the path specified), client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http finalize request: 404, "/bbs/#/7?cid=3" a:1, c:1
2016/07/12 20:13:28 [debug] 4044#3764: *15 http special response: 404, "/bbs/#/7?cid=3"
2016/07/12 20:13:28 [debug] 4044#3764: *15 internal redirect: "/404.html?"
報錯:
2017/02/16 11:36:39 [emerg] 4008#0: bind() to 0.0.0.0:80 failed (13: Permission denied)
2017/02/16 11:36:57 [error] 4013#0: *2 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:36:58 [error] 4013#0: *2 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:37:02 [error] 4013#0: *2 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:40:16 [emerg] 4031#0: bind() to 0.0.0.0:80 failed (13: Permission denied)
2017/02/16 11:40:43 [error] 4037#0: *1 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:40:44 [error] 4037#0: *1 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:40:45 [error] 4037#0: *1 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:43:11 [error] 4037#0: *2 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
解決辦法:
One permission requirement that is often overlooked is a user needs x permissions in every parent directory of a file to access that file. Check the permissions on /, /home, /home/demo, etc. for www-data x access. My guess is that /home is probably 770 and www-data can't chdir through it to get to any subdir. If it is, try chmod o+x /home (or whatever dir is denying the request).
EDIT: To easily display all the permissions on a path, you can use namei -om /path/to/check
Same here. On my install of CentOS 6, /home/user dirs are set to 700 by default.
http://stackoverflow.com/questions/6795350/nginx-403-forbidden-for-all-files
問題:
2017/10/27 17:16:17 [alert] 1347#0: *19916 socket() failed (24: Too many open files) while connecting to upstream, client: 120.132.18.132, server: _, request: "GET /admin/v1/evaluation/careers HTTP/1.1", upstream: "http://10.25.174.68:5000/admin/v1/evaluation/careers", host: "120.132.18.132", referrer: "http://1gepingguo.cn/swagger-ui.html"
2017/10/27 17:16:17 [crit] 1347#0: *19916 open() "/usr/share/nginx/html/50x.html" failed (24: Too many open files), client: 120.132.18.132, server: _, request: "GET /admin/v1/evaluation/careers HTTP/1.1", upstream: "http://10.25.174.68:5000/admin/v1/evaluation/careers", host: "120.132.18.132", referrer: "http://1gepingguo.cn/swagger-ui.html"
2017/10/27 17:21:30 [notice] 1373#0: signal process started
解決辦法:
#nginx worker進程運行用戶以及用戶組
user nobody nobody;
#nginx worker數量
worker_processes 4;
#全局錯誤日志文件,日志輸出級別有debug、info、notice、warn、error、crit(類似於Python中的logging)
error_log logs/error.log notice;
#指定主進程id的存儲文件位置
pid logs/nginx.pid;
#指定一個nginx進程可以打開的最多文件描述符數目
worker_rlimit_nofile 65535; //增加此配置
#設定nginx的工作模式及連接數上限
events{
use epoll; #linux 服務器的優點所在
worker_connections 65536;#設定worker的最大連接數
}
http://inbank2012.blog.51cto.com/6302802/1097939
http://www.cnblogs.com/coder2012/p/4072387.html
location /public{
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8080;
}
tomcat access log的日志記錄:
[30/Nov/2017:10:21:24 +0800] [http-nio-9090-exec-1] 101.81.27.120 127.0.0.1 GET /public/css/mycss.css HTTP/1.0 304 (3 ms)
Nginx是可以做正向代理的,但是必須指定resolver(既DNS)。但是我沒有搭建內網DNS,所以就把104又搭建成了一台反向代理來模擬正向代理。我認為正向、反向代理原理都是差不多的,取得的結果也應該差不多的
我們在客戶機上打開瀏覽器訪問http://xxxx.com,看到的結果是:
REMOTE_ADDR=192.168.1.105
HTTP_X_FORWARDED_FOR=192.168.1.101, 192.168.1.104, 192.168.1.105
HTTP_X_REAL_IP=192.168.1.104
106上的Nginx log是:
remote_addr=192.168.1.105:34780, http_x_forwarded_for=192.168.1.101, 192.168.1.104, proxy_add_x_forwarded_for=192.168.1.101, 192.168.1.104, 192.168.1.105
105上的Nginx log是:
remote_addr=192.168.1.104:60142, http_x_forwarded_for=192.168.1.101, proxy_add_x_forwarded_for=192.168.1.101, 192.168.1.104
104上的Nginx log是:
remote_addr=192.168.1.101:23470, http_x_forwarded_for=-, proxy_add_x_forwarded_for=192.168.1.101
結果描述:
REMOTE_ADDR還是反向代理105的IP地址
HTTP_X_FORWARDED_FOR記錄了真實客戶端IP和兩台反向代理IP,以逗號分隔。
HTTP_X_REAL_IP變成了104
結論:
在默認配置情況下,如果要取得客戶端真實IP地址的話,只有取HTTP_X_FORWARDED_FOR的第一個逗號前的IP地址最靠譜,其他的地址都有可能被重寫。當然,如果連HTTP_X_FORWARDED_FOR都被重寫的話就另當別論了
https://www.cnblogs.com/harryc/p/6361892.html
Nginx的https配置記錄以及http強制跳轉到https的方法梳理
server {
listen 80;
server_name dev.wangshibo.com;
index index.html index.php index.htm;
access_log /usr/local/nginx/logs/8080-access.log main;
error_log /usr/local/nginx/logs/8080-error.log;
return 301 https://$server_name$request_uri; //這是nginx最新支持的寫法
location ~ / {
root /var/www/html/8080;
index index.html index.php index.htm;
}
}
https://www.cnblogs.com/kevingrace/p/6187072.html