[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# setenforce 0
[root@localhost ~]# yum -y install pcre-devel zlib-devel gcc gcc-c++ make

2.编译安装Nginx

[root@localhost opt]# rz -E
rz waiting to receive.
[root@localhost opt]# ls
nginx-1.12.0.tar.gz
[root@localhost opt]# tar zxf nginx-1.12.0.tar.gz 
[root@localhost opt]# ls
nginx-1.12.0  nginx-1.12.0.tar.gz
[root@localhost opt]# cd nginx-1.12.0/
[root@localhost nginx-1.12.0]# ls
auto  CHANGES  CHANGES.ru  conf  configure  contrib  html  LICENSE  man  README  src
[root@localhost nginx-1.12.0]# ./configure \
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-http_stub_status_module
[root@localhost nginx-1.12.0]# make && make install -j4

3.优化路径

[root@localhost nginx-1.12.0]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/

4.添加 Nginx 系统服务

[root@localhost nginx-1.12.0]# cd /lib/systemd/system
[root@localhost system]# vim nginx.service
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/bin/kill -s HUP $MAINPID
ExecStop=/usr/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
[root@localhost system]# systemctl start nginx.service
[root@localhost system]# systemctl enable nginx.service
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[root@localhost system]# ss -natp |grep 80
LISTEN     0      128          *:80                       *:*                   users:(("nginx",pid=5117,fd=6),("nginx",pid=5116,fd=6))

二.隐藏版本号

1.查看版本号

[root@localhost ~]# cd /usr/local/nginx/html
[root@localhost html]# ls
50x.html  index.html
[root@localhost html]# rz -E
rz waiting to receive.
[root@localhost html]# ls
1.jpg  50x.html  index.html

http://192.168.68.30/1.jpg

此时可以查看nginx的版本号和ip地址

curl -I ＋IP地址也可以查看nginx的版本号

2.隐藏版本号法一

修改主配置文件

[root@localhost html]# vim /usr/local/nginx/conf/nginx.conf

[root@localhost html]# vim /usr/local/nginx/conf/nginx.conf
 18     include       mime.types;
 19     default_type  application/octet-stream;
 20     server_tokens off;
##加入server_tokens off
[root@localhost html]# cd ..
[root@localhost nginx]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost nginx]# systemctl restart nginx.service

3.隐藏版本号法二

修改源码文件，重新编译安装

重新编译安装

[root@localhost nginx-1.12.0]# vim /usr/local/nginx/conf/nginx.conf

[root@localhost ~]# cd /opt/
[root@localhost opt]# cd nginx-1.12.0/
[root@localhost nginx-1.12.0]# 
[root@localhost nginx-1.12.0]# cd
[root@localhost ~]# 
[root@localhost ~]# cd /opt/nginx-1.12.0/
[root@localhost nginx-1.12.0]# ls
auto     CHANGES.ru  configure  html     Makefile  objs    src
CHANGES  conf        contrib    LICENSE  man       README
[root@localhost nginx-1.12.0]# systemctl stop nginx.service 
[root@localhost nginx-1.12.0]# cd src/
[root@localhost src]# ls
core  event  http  mail  misc  os  stream
[root@localhost src]# cd core/
[root@localhost core]# vim nginx.h
 12 #define nginx_version      1012000
 13 #define NGINX_VERSION      "12345678"
 14 #define NGINX_VER          "IIS/" NGINX_VERSION
[root@localhost core]# cd ../../
[root@localhost nginx-1.12.0]# ls
auto     CHANGES.ru  configure  html     Makefile  objs    src
CHANGES  conf        contrib    LICENSE  man       README
[root@localhost nginx-1.12.0]# ./configure \
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-http_stub_status_module
[root@localhost nginx-1.12.0]# make && make install -j4
[root@localhost nginx-1.12.0]# systemctl restart nginx.service 
[root@localhost nginx-1.12.0]# vim /usr/local/nginx/conf/nginx.conf
 17 http {
 18     include       mime.types;
 19     default_type  application/octet-stream;
 20     server_tokens on;
[root@localhost nginx-1.12.0]# curl -I 192.168.68.30
HTTP/1.1 200 OK
Server: IIS/12345678
Date: Sat, 13 Nov 2021 13:15:04 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Sat, 13 Nov 2021 12:19:40 GMT
Connection: keep-alive
ETag: "618fad5c-264"
Accept-Ranges: bytes

三.修改用户与组

[root@localhost nginx-1.12.0]# ps aux |grep nginx
root       8048  0.0  0.0  20496   600 ?        Ss   21:14   0:00 nginx: master process /usr/local/nginx/sbin/nginx
nginx      8049  0.0  0.0  23024  1640 ?        S    21:14   0:00 nginx: worker process
root       8124  0.0  0.0 112680   980 pts/2    R+   21:20   0:00 grep --color=auto nginx
[root@localhost nginx-1.12.0]# !vim 
vim /usr/local/nginx/conf/nginx.conf 
2 user  ooo ooo;
[root@localhost nginx-1.12.0]# useradd -s /sbin/nologin ooo
[root@localhost nginx-1.12.0]# systemctl restart nginx.service 
[root@localhost nginx-1.12.0]# ps aux |grep ooo
ooo        8216  0.0  0.0  23028  1396 ?        S    21:25   0:00 nginx: worker process
root       8228  0.0  0.0 112676   984 pts/2    S+   21:25   0:00 grep --color=auto ooo

四.缓存时间

当nginx 将网页数据返回给客户端后，可设置缓存时间，以方便在日后进行相同内容的请求时直接返回，避免重复请求，加快了访问速度一般针对静态网页设置，对动态网页不设置缓存时间。

[root@localhost nginx-1.12.0]# vim /usr/local/nginx/conf/nginx.conf

[root@localhost nginx-1.12.0]# vim /usr/local/nginx/conf/nginx.conf
 48         location ~\.(gif|jpg|jpeg|png|bmp|ico)$ {
 49             root   html;
 50             expires 1d;
 51         }   
[root@localhost nginx-1.12.0]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost nginx-1.12.0]# systemctl restart nginx.service

五.日志切割

[root@localhost logs]# vim log.sh

[root@localhost nginx-1.12.0]# cd /usr/local/nginx/logs
[root@localhost logs]# vim log.sh
#!/bin/bash
d=$(date +%F -d -1day)
logpath="/var/log/nginx"
pid="/usr/local/nginx/logs/nginx.pid"

[ -d $logpath ] || mkdir -p $logpath
mv /usr/local/nginx/logs/access.log ${logpath}/www.ooo.com.log-$d
kill -USR1 $(cat $pid)
find $logpath -mtime +30 -exec rm -rf {} \;

[root@localhost logs]# chmod +x log.sh 
[root@localhost logs]# bash log.sh 
[root@localhost logs]# ls /var/lo
local/ lock/  log/   
[root@localhost logs]# ls /var/log/nginx/www.ooo.com.log-2021-11-12 
/var/log/nginx/www.ooo.com.log-2021-11-12
[root@localhost logs]# crontab -e
crontab: installing new crontab
30 1 * * * /usr/local/nginx/logs/log.sh

六.连接超时

HTTP服务有一个KeepAlive模式，它告诉web服务器在处理完一个请求后保持这个TCP连接的打开状态。若接收到来自同一客户端的其他请求，服务端会利用这个未被关闭的连接，而不需要再次建立一个连接
KeepAlive在一段时间内保持打开状态，它们会在这段时间内占用资源，占用过多就会影响服务器的性能

[root@localhost conf]# vim nginx.conf

[root@localhost nginx]# cd /usr/local/nginx/conf
[root@localhost conf]# vim nginx.conf
 30     #keepalive_timeout  0;
 31     keepalive_timeout  65 180;
[root@localhost conf]# systemctl restart nginx.service

七.更改请求进程数

[root@localhost conf]# !vim
vim nginx.conf

[root@localhost conf]# ps aux |grep nginx
root      11496  0.0  0.0  20496   612 ?        Ss   22:41   0:00 nginx: master process /usr/local/nginx/sbin/nginx
nginx     11497  0.0  0.0  23024  1648 ?        S    22:41   0:00 nginx: worker process
root      11690  0.0  0.0 112676   984 pts/2    S+   22:56   0:00 grep --color=auto nginx
[root@localhost conf]# !vim
vim nginx.conf
  2 #user  nobody;
  3 worker_processes  4;
[root@localhost conf]# systemctl restart nginx.service 
[root@localhost conf]# ps aux |grep nginx
root      11736  0.0  0.0  20496   612 ?        Ss   22:57   0:00 nginx: master process /usr/local/nginx/sbin/nginx
nginx     11737  0.0  0.0  23024  1396 ?        S    22:57   0:00 nginx: worker process
nginx     11738  0.0  0.0  23024  1392 ?        S    22:57   0:00 nginx: worker process
nginx     11739  0.0  0.0  23024  1396 ?        S    22:57   0:00 nginx: worker process
nginx     11740  0.0  0.0  23024  1396 ?        S    22:57   0:00 nginx: worker process
root      11742  0.0  0.0 112676   980 pts/2    S+   22:57   0:00 grep --color=auto nginx

八.网页压缩

[root@localhost conf]# vim /usr/local/nginx/conf/nginx.conf

[root@localhost conf]# vim /usr/local/nginx/conf/nginx.conf
 33     gzip  on;
 34     gzip_buffers 4 64k;
 35     gzip_http_version 1.1;
 36     gzip_comp_level 6;
 37     gzip_min_length 1k;
 38     gzip_vary on;
 39     gzip_types text/plain text/javascript application/x-javascript text/css text/xml application/xml application/xml+rss image/jpg     image/png;
[root@localhost conf]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost conf]# systemctl restart nginx.service

九.防盗链

盗图主机

[root@localhost html]# vim index.html

[root@localhost html]# vim /etc/hosts

防盗主机

将防盗的图拖到这个目录下

最后将错误图片放到防盗主机的html文件夹下，再刷新，在盗图主机下输入www.oooo.com之后就看不到原来的图片了

[root@localhost ~]# cd /var/www/html/
[root@localhost html]# vim index.html
<html>
<body>
<h1>this is ooo
<img src="http://www.ooo.com/1.jpg"/>
</body>
</html>
[root@localhost html]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.68.30 www.ooo.com
192.168.68.105 www.oooo.com
[root@localhost html]# systemctl start httpd
[root@localhost conf]# vim nginx.conf
 54         location ~* \.(gif|jpg|jpeg|bmp|ico)$ {
 55             valid_referers none blocked *.ooo.com ooo.com;
 56             if ( $invalid_referer ) {
 57                            rewrite ^/ http://www.ooo.com/2.png;
 58         }
[root@localhost conf]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

Nginx网页优化（隐藏版本号，日志分割，更改进程数，网页压缩，防盗链详

一.安装Nginx服务

1.安装Nginx服务

2.编译安装Nginx

3.优化路径

4.添加 Nginx 系统服务

二.隐藏版本号

1.查看版本号

2.隐藏版本号法一

修改主配置文件

3.隐藏版本号法二

修改源码文件，重新编译安装

重新编译安装

三.修改用户与组

四.缓存时间

五.日志切割

六.连接超时

七.更改请求进程数

八.网页压缩

九.防盗链

猜你喜欢