Nginx uses the ngx_http_accesskey_module module to implement anti-leech
There is a file sharing system, using the nginx platform to directly open the directory function, you can freely browse and select files to download. At the same time open ftp, you can upload files to share with everyone. All this can be achieved It is not difficult, but after a period of time, I found that the traffic of the sharing system was high, and after analyzing the logs, I found that it was a link from Thunder from all over the world. After that, I filtered out the agent of Thunder, but the effect was not good. Wrong, but the ensuing problem is: we usually use Xunlei, which has no effect on small files, but for files that are uploaded to G at every turn, it is a severe test for the download function of the browser. Now, using the ngx_http_accesskey_module module and cooperating with php, a file sharing system that can prevent downloading tools and my link sharing function has been revived~ the For nginx compilation configuration, please refer to http://wiki.nginx.org/NginxHttpAccessKeyModule Let me share about my configuration: nginx: location /downloads { # autoindex on; # autoindex_localtime on; # autoindex_exact_size off; accesskey on; accesskey_hashmethod md5; accesskey_arg “key”; accesskey_signature…
Basic configuration and optimization of nginx
Nignx configuration file content #running user user www-data; #Start the process, usually set to twice the number of cpu worker_processes 4; #Global error log and PID file error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; #Working mode and connection limit events { use epoll; #epoll is a way of multiplexing IO (I/O Multiplexing), but it is only used for kernels above linux2.6, which can greatly improve the performance of nginx worker_connections 1024;#The maximum number of concurrent connections for a single background worker process } #Set up the http server, use its reverse proxy function to provide load balancing support http { #Set the mime type, which is defined by the mime.type file include mime.types; default_type application/octet-stream; #Set log format access_log /usr/local/nginx/logs/access.log; The #sendfile directive specifies whether nginx calls the sendfile function (zero copy mode) to output files. For common applications, #Must be set to on, if it is used for downloading and other applications with heavy disk IO load, it can be set to off to balance the disk and network I/O processing speed and reduce the system uptime. sendfile on; #tcp_nopush on; #Connection timeout #keepalive_timeout 0; keepalive_timeout 65; tcp_nodelay on; #fastcgi fasccgi_connect_timeout 300; fastcgi_send_timeout 300; fastcgi_read_timeout 300; fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size…
Apache and nginx prohibit access to specified files or directories
Have you tested that after Apache makes the directory prohibited from browsing, the txt file under the directory can still display the contents inside. For example: http://www.server110.com/linux/ This visit will report a 403 error, but if there are many txt under test, when you visit this txt; For example: http://www.server110.com/linux/a.txt, at this time all the content in a.txt will be exposed to the outside (sometimes this txt is a very confidential file), so it will not be safe. Similarly: I also have this problem after Nginx configuration, thanks to the help of NetSeek for the solution of this problem under Apache. The following is the way to limit this kind of things about Apache and Nginx: Apache configuration prohibits access 1. Forbid access to certain files/directories Add Files option to control, such as not allowing access to files with .inc extensions, and protecting php class libraries: Order allow, deny Deny from all Prohibit access to certain specified directories: (can be used for regular matching) Order allow, deny Deny from all Prohibit by file matching, such as prohibiting all access to pictures: Order allow, deny Deny from all Forbidden access for relative URL paths: Order allow, deny Deny from all Prohibit…
20 practical tips for Nginx web server
Nginx is a lightweight, high-performance web server/reverse proxy and email proxy (IMAP/POP3) that runs on UNIX, GNU/Linux, BSD variants, MAC OS X, Solaris, and Microsoft on Windows. According to Netcraft survey data, 6% of domain names on the Internet use Nginx Web server. Nginx is one of the servers that solve the C10K problem. Unlike traditional servers, Nginx does not rely on threads to process requests. Instead, it uses a more scalable event-driven (asynchronous) architecture. Nginx is used on many high traffic websites such as WordPress, Hulu, Github and SourceForge. The main purpose of this article is to introduce how to improve the security of Nginx web server running on Linux or UNIX-like operating system. Nginx default configuration file and default port ◆ /usr/local/nginx/conf/ – Nginx server configuration directory, /usr/local/nginx/conf/nginx.conf is the main configuration file ◆ /usr/local/nginx/html/ – default document location ◆ /usr/local/nginx/logs/ – default log file location ◆ Nginx HTTP default port: TCP 80 ◆ Nginx HTTPS default port: TCP 443 You can use the following command to test whether the configuration of Nginx is correct: # /usr/local/nginx/sbin/nginx -t Example output: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok configuration file /usr/local/nginx/conf/nginx.conf test is successful To make the modified configuration…
Installation and use of nginx in linux system
Preparation: # yum install gcc gcc-cpp gcc-c++ Install pcre (Let nginx support rewrite) # tar zxvf pcre-8.01.tar.gz # cd pcre-8.01/ # ./configure # make && make install Installation and activation # tar zxvf nginx-1.0.4.tar.gz # cd nginx-1.0.4 # ./configure –prefix=/usr/local/nginx –with-http_gzip_static_module –with-http_flv_module –http-proxy-temp-path=/var/tmp/nginx/proxy/ # make && make install start # /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf stop # kill – QUIT Nginx main process number reboot # kill -HUP Nginx main process ID Common configuration If installed as above, the nginx configuration file is located at /local/usr/nginx/conf/nginx.conf. The configuration file structure of nginx.conf mainly consists of the following parts: …… envents { … } http { … server{ … } server{ … } … } Note: In the following configurations, the position of the modified content will be named with the name before the above curly braces. If the configuration content is modified in the server, it will be described as “what to look for in the server block, why to modify or what to add, etc.”. 1. Set the listening port, domain name and root directory In the server block of the configuration file, make corresponding settings. listen 80; server_name www.domain.com; root /var/www/domain.com; index index.php index.html index.htm Modify listen and server_name to…
CentOS system sets nginx to start automatically
Nginx is a powerful high-performance web and reverse proxy server. The following describes how to set up automatic startup after installation under linux. First, create the nginx file in the /etc/init.d/ directory of the Linux system, and use the following command: vi /etc/init.d/nginx Add the following command to the script: ***************************************************** ***************************************************** ******************************* #!/bin/bash # nginx Startup script for the Nginx HTTP Server # it is v.0.0.2 version. # chkconfig: -85 15 # description: Nginx is a high-performance web and proxy server. # It has a lot of features, but it’s not for everyone. # processname: nginx # pidfile: /var/run/nginx.pid # config: /usr/local/nginx/conf/nginx.conf nginxd=/usr/local/nginx/sbin/nginx nginx_cOnfig=/usr/local/nginx/conf/nginx.conf nginx_pid=/var/run/nginx.pid RETVAL=0 prog=”nginx” # Source function library. ./etc/rc.d/init.d/functions # Source networking configuration. ./etc/sysconfig/network # Check that networking is up. [ ${NETWORKING} = “no” ] && exit 0 [ -x $nginxd ] || exit 0 # Start nginx daemons functions. start() { if [ -e $nginx_pid ];then echo “nginx already running….” exit 1 fi echo -n $”Starting $prog: “ daemon $nginxd -c ${nginx_config} RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/nginx return $RETVAL } # Stop nginx daemons functions. stop() { echo -n $”Stopping $prog: “ killproc $nginxd RETVAL=$? echo [ $RETVAL = 0…
Configure nginx reverse proxy on linuxvps
What is a reverse proxy? A reverse proxy refers to a proxy server that accepts a connection request on the Internet, then forwards the request to a server on an internal (or other) network, and returns the result obtained from the server to the client requesting a connection on the Internet. How to do it: For example, I want to build a www.server110.com is used as a reverse proxy to access twitter. First, the domain name management at the domain name registrar is the domain name www .server110.com add A record to the IP of the VPS , and then modify the Nginx configuration file on the VPS, adding the following: server { listen 80; server_name www.server110.com; Location / { http://twitter.com/; Proxy_redirect off; $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } After adding, execute first: /usr/local/nginx/sbin/nginx -t Check whether the configuration is normal, if it shows: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok configuration file /usr/local/nginx/conf/nginx.conf test is successful It is normal, otherwise modify the configuration according to the error prompt. Then execute kill -HUP `cat /usr/local/nginx/logs/nginx.pid` Make the configuration take effect, after the domain name resolution takes effect, you can pass www.server110.com visited twitter.
Install and configure Nginx and support php
Before introducing Linux Nginx to you in detail, let everyone know about Linux Nginx first, and then introduce Linux in a comprehensive way Nginx, I hope it is useful to everyone. Use Linux Nginx to build a high-performance web environment Linux Nginx (“engine x”) It is a high-performance HTTP and reverse proxy server, and also an IMAP/POP3/SMTP proxy server. Linux Nginx is powered by Developed by Igor Sysoev for the second most visited Rambler.ru site in Russia, where it has been running for more than two and a half years. Igor The source code is released under a BSD-like license. Linux Nginx surpasses Apache’s high performance and stability, making domestic use of Linux Nginx as a Web server There are also more and more websites on the server, including Sina Blog, Sina Podcast, NetEase News and other portal channels, Liujianfang, 56.com and other video sharing websites, Discuz! Official Forum, Shuimu Community and other well-known forums, Douban, YUPOO Emerging Web sites such as photo albums, domestic SNS, and Thunder Online 2.0 website. Experimental environment Centos4.5 pcre-7.8.tar.gz regular expression download address: ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/ nginx-0.7.26.tar download address: http://www.nginx.net/ php-5.2.6.tar.bz2 download address: http://www.php.net/releases/ php-5.2.6-fpm-0.5.9.diff.gz php-fpm is a FastCGI management patch for PHP, which can smoothly…
Configure nginx to support PHP
Installing Nginx and php is not much to say here, after all, the online tutorials are already very comprehensive. Whether it is rpm, apt-get or downloading source code installation, just follow the steps, (PHP I use dpkg ?P php5-cgi and then apt-get install php5-cgi to install, the platform is Ubuntu) Here I want to talk about the php support mode, this part is a repost 1) Currently variousserversHTTP ServerSupport for PHP Total There are three: a. Through the built-in module of HTTPServer, For example, Apache‘s mod_php5, similar Apache’s built-in mod_perl can support perl; b. Realized by CGI, this is like the CGI of perl before, the disadvantage of this method is poor performance, because every time the server encounters these scripts, the script parser needs to be restarted to execute the script and then return the result to the server; On the one hand, it is not very secure; this aspect is almost rarely used. c. The latest one is called FastCGI. The so-called FastCGI is an improvement on CGI. It generally adopts a C/S structure. Generally, the script processor will start one or more daemon processes. Every time HTTPServer encounters a script, it will be directly delivered to the…
