Today, I will share some learning videos with you. Click to watch!
- Take you into the ultimate features of the Java Virtual Machine JVM
- Sweep all questions about Redis, hang all interviewers who dare to ask Redis questions
A very powerful and friendly nginx is based on lua-nginx-module (openresty), providing WAF, control panel and dashboard
VeryNginx
VeryNginx is a very powerful and friendly nginx.
Chinese documentation
note
After v0.2, the input uri of the control panel was moved to /verynginx/index.html
description
VeryNginx is based on lua_nginx_module (openrestry). It implements advanced firewall (waf), access statistics and some other functions. It enhances the functionality of Nginx and provides a friendly web interface.
VeryNginx online demo
User / password: verynginx / verynginx
The full version of the configuration guide can be found at the VeryNginx Wiki.
Nginx running status analysis
- Requests per second
- Response time
- Net flow
- Tcp connectinn num
Custom action
VeryNginx supports custom operations and can perform many operations.
The custom operation consists of two parts, Matcher and Action. Matcher is used to test whether the request meets the rules, and Action is the logic you want to run.
The advantage of this design is that Matcher contains all selection rules, and can be reused, using rules to describe logic that may be very complex.
match
A Matcher is used to select a part of all requests, a Matcher can contain one or more conditions. The following conditions are currently supported:
- Client IP
- host
- User agent
- HATE
- Referral
- Request Args
When the request does not conflict with any conditions of the matcher, the request will be matched by Matcher
action
Each Action refers to a Matcher and will run on the request selected by Matcher
Now, we have these Action Trumpets
- Scheme Lock locks the scheme to http / https
- Redirect request
- URI Rewrite internally rewrites the request
- Browser verification uses set-cookies and javascript to verify that the client is a browser and blocks bot traffic. This action may block search engine spiders, so please enable it only when under attack.
- Frequency limit limits the maximum request time within a specified time period
- Filter Block has some requests, you can do WAF
Matcher can select requests through multiple conditions, so using Filter Action, we get a powerful waf. waf can filter requests with complex rules and return special status codes when blocking requests.
VeryNginx presets some simple filtering rules to prevent simple SQL injection, Git and SVN file leakage, directory traversal attacks and common scanning tools.
rear end
Each Backend refers to a Matcher and will process the request selected by Matcher
Now we have these Backend
- Proxy Pass proxy sends requests to other servers
- Static files use local files to process request files
Request statistics
VeryNginx can record URI requests, including these data for each URI:
- Count of all requests
- Request a count for each status code
- Total bytes
- Average bytes
- Total response time
- Average response time
installation
Install Nginx / OpenResty
VeryNginx is based on OpenResty, so you need to install it first. But don't worry, VeryNginx provides an automatically executed script.
python install.py install复制代码
Just run this command and openresty and verynginx will be installed automatically.
Want to use custom nginx?
VeryNginx can automatically install openresty, so you don't need to install nginx (openresty) manually.
But if you want to use your own compiled nginx, it doesn't matter. You can see some help
Use-own-nginx
usage
Edit nginx configuration file
The configuration file of VeryNginx is /opt/verynginx/openresty/nginx/conf/nginx.conf, this is a demo. It allows verynginx to run so that you can see the verynginx dashboard. If you want to do something very useful, you need to edit the file and add your own nginx configuration.
This configuration file adds three include commands to embed verynginx into the original nginx (openresty)
- Including /opt/verynginx/verynginx/nginx_conf/in_external.conf;
- include /opt/verynginx/verynginx/nginx_conf/in_http_block.conf;
- include /opt/verynginx/verynginx/nginx_conf/in_server_block.conf;
These include commands are placed outside a block to prevent the http internal configuration and the server configuration block. Remenber keeps these three lines when modifying it. If you add a new server configuration block or http configuration block, you also need to add the appropriate include line.
Start / stop / restart service
#Start Service/opt/verynginx/openresty/nginx/sbin/nginx#Stop Service/opt/verynginx/openresty/nginx/sbin/nginx -s stop#Restart Service/opt/verynginx/openresty/nginx/sbin/nginx -s reload复制代码
Configure VeryNginx on the dashboard
After the service starts, you can view the server status and perform configuration on the dashboard.
The address of the dashboard is http: // {{your_machine_address}} /verynginx/index.html.
The default user and password are verynginx / vernginx. You should now be able to complete all options.
The full version of the configuration guide can be found in the VeryNginx Wiki.
Troubleshooting
If you encounter any problems during installation / configuration / use, you can refer to the troubleshooting documentation.
Troubleshooting
prompt
- The new configuration will take effect immediately after saving. There is no need to restart or reload nginx.
- When saving the configuration, VeryNginx writes all the configuration to /opt/verynginx/verynginx/configs/config.json.
- If the chat in the status page is stuck, you can click the gear icon in the upper right corner to close the animation
- If you lock yourself out of VeryNginx by doing something stupid, you can always delete config.json to restore VeryNginx to its default value.
更新VeryNginx / OpenResty
Over time, VeryNginx will develop on its own and can also support newer versions of OpenResty. The new version of VeryNginx may support some new features or fix some old errors. If you want to update VeryNginx installed locally, just extract the latest code from github to the local, and then run the following command:
#Update VeryNginxpython install.py update verynginx#Update OpenRestypython install.py update openresty复制代码
install.py will keep the old config.json and nginx.conf during the update. This way you will not lose the configuration after the update.
Build VeryNginx docker Image
After cloning the code to the local file system, you can run the following command:
docker build -t verynginx .docker run verynginx复制代码
Then, you can navigate to your browser http: // {{your_docker_machine_address}} /verynginx/index.html
You can choose to run docker run -p xxxx: 80 verynginx to map container port 80 to the host's xxx port