A very powerful and friendly nginx is based on lua-nginx-module (openresty)

Language 2020-04-15 01:06:16 views: null

Today, I will share some learning videos with you. Click to watch!


A very powerful and friendly nginx is based on lua-nginx-module (openresty), providing WAF, control panel and dashboard

VeryNginx

VeryNginx is a very powerful and friendly nginx.

Chinese documentation

note

After v0.2, the input uri of the control panel was moved to /verynginx/index.html

description

VeryNginx is based on lua_nginx_module (openrestry). It implements advanced firewall (waf), access statistics and some other functions. It enhances the functionality of Nginx and provides a friendly web interface.

VeryNginx online demo

User / password: verynginx / verynginx

The full version of the configuration guide can be found at the VeryNginx Wiki.

Nginx running status analysis

  • Requests per second
  • Response time
  • Net flow
  • Tcp connectinn num
A very powerful and friendly nginx is based on lua-nginx-module (openresty)

Custom action

VeryNginx supports custom operations and can perform many operations.

The custom operation consists of two parts, Matcher and Action. Matcher is used to test whether the request meets the rules, and Action is the logic you want to run.

The advantage of this design is that Matcher contains all selection rules, and can be reused, using rules to describe logic that may be very complex.

match

A Matcher is used to select a part of all requests, a Matcher can contain one or more conditions. The following conditions are currently supported:

  • Client IP
  • host
  • User agent
  • HATE
  • Referral
  • Request Args

When the request does not conflict with any conditions of the matcher, the request will be matched by Matcher

action

Each Action refers to a Matcher and will run on the request selected by Matcher

Now, we have these Action Trumpets

  • Scheme Lock locks the scheme to http / https
  • Redirect request
  • URI Rewrite internally rewrites the request
  • Browser verification uses set-cookies and javascript to verify that the client is a browser and blocks bot traffic. This action may block search engine spiders, so please enable it only when under attack.
  • Frequency limit limits the maximum request time within a specified time period
  • Filter Block has some requests, you can do WAF

Matcher can select requests through multiple conditions, so using Filter Action, we get a powerful waf. waf can filter requests with complex rules and return special status codes when blocking requests.

VeryNginx presets some simple filtering rules to prevent simple SQL injection, Git and SVN file leakage, directory traversal attacks and common scanning tools.

A very powerful and friendly nginx is based on lua-nginx-module (openresty)

A very powerful and friendly nginx is based on lua-nginx-module (openresty)

rear end

Each Backend refers to a Matcher and will process the request selected by Matcher

Now we have these Backend

  • Proxy Pass proxy sends requests to other servers
  • Static files use local files to process request files

Request statistics

VeryNginx can record URI requests, including these data for each URI:

  • Count of all requests
  • Request a count for each status code
  • Total bytes
  • Average bytes
  • Total response time
  • Average response time
A very powerful and friendly nginx is based on lua-nginx-module (openresty)

installation

Install Nginx / OpenResty

VeryNginx is based on OpenResty, so you need to install it first. But don't worry, VeryNginx provides an automatically executed script.

python install.py install复制代码

Just run this command and openresty and verynginx will be installed automatically.

Want to use custom nginx?

VeryNginx can automatically install openresty, so you don't need to install nginx (openresty) manually.

But if you want to use your own compiled nginx, it doesn't matter. You can see some help

Use-own-nginx

usage

Edit nginx configuration file

The configuration file of VeryNginx is /opt/verynginx/openresty/nginx/conf/nginx.conf, this is a demo. It allows verynginx to run so that you can see the verynginx dashboard. If you want to do something very useful, you need to edit the file and add your own nginx configuration.

This configuration file adds three include commands to embed verynginx into the original nginx (openresty)

  • Including /opt/verynginx/verynginx/nginx_conf/in_external.conf;
  • include /opt/verynginx/verynginx/nginx_conf/in_http_block.conf;
  • include /opt/verynginx/verynginx/nginx_conf/in_server_block.conf;

These include commands are placed outside a block to prevent the http internal configuration and the server configuration block. Remenber keeps these three lines when modifying it. If you add a new server configuration block or http configuration block, you also need to add the appropriate include line.

Start / stop / restart service

#Start Service/opt/verynginx/openresty/nginx/sbin/nginx#Stop Service/opt/verynginx/openresty/nginx/sbin/nginx -s stop#Restart Service/opt/verynginx/openresty/nginx/sbin/nginx -s reload复制代码

Configure VeryNginx on the dashboard

After the service starts, you can view the server status and perform configuration on the dashboard.

The address of the dashboard is http: // {{your_machine_address}} /verynginx/index.html.

The default user and password are verynginx / vernginx. You should now be able to complete all options.

The full version of the configuration guide can be found in the VeryNginx Wiki.

Troubleshooting

If you encounter any problems during installation / configuration / use, you can refer to the troubleshooting documentation.

Troubleshooting

prompt

  • The new configuration will take effect immediately after saving. There is no need to restart or reload nginx.
  • When saving the configuration, VeryNginx writes all the configuration to /opt/verynginx/verynginx/configs/config.json.
  • If the chat in the status page is stuck, you can click the gear icon in the upper right corner to close the animation
  • If you lock yourself out of VeryNginx by doing something stupid, you can always delete config.json to restore VeryNginx to its default value.

更新VeryNginx / OpenResty

Over time, VeryNginx will develop on its own and can also support newer versions of OpenResty. The new version of VeryNginx may support some new features or fix some old errors. If you want to update VeryNginx installed locally, just extract the latest code from github to the local, and then run the following command:

#Update VeryNginxpython install.py update verynginx#Update OpenRestypython install.py update openresty复制代码

install.py will keep the old config.json and nginx.conf during the update. This way you will not lose the configuration after the update.

Build VeryNginx docker Image

After cloning the code to the local file system, you can run the following command:

docker build -t verynginx .docker run verynginx复制代码

Then, you can navigate to your browser http: // {{your_docker_machine_address}} /verynginx/index.html

You can choose to run docker run -p xxxx: 80 verynginx to map container port 80 to the host's xxx port


Guess you like

Origin juejin.im/post/5e95969bf265da47c80133b8
Recommended
Ranking
2019 JD pen questions - Choir
Grafana installation & basic configuration
How to solve the high gas fee of Filecoin? The official attitude is bright!
Informatization development 59
Date,DateFormat,Calendar,
Introduction to MySQL - Understanding MySQL
win10 conexão de área de trabalho remota ubuntu20 (RDP)
52. Customize generics on methods
Detailed explanation of CAP, ACID, BASE theory and NWR practice strategy
UnknownHostException:XXX:Name or service not know
Daily
More
2024-08-01(0)
2024-07-31(0)
2024-07-30(0)
2024-07-29(0)
2024-07-28(0)
2024-07-27(0)
2024-07-26(0)
2024-07-25(0)
2024-07-24(0)
2024-07-23(0)

Code World

© 2018 codetd.com