nginx专题
正向代理服务器:局域网内的主机通过一个正向代理服务器访问外网服务器,并将外网服务器上的结果返回给局域网内的主机; 反向代理服务器:来自Internet上的请求通过反向代理服务器来访问局域网内的服务器,并将从局域网服务器得到的结果返回给Internet上请求连接的客户端;
The way nginx and its modules work is determined in the configuration file.
By default, the configuration file is named nginx.conf and placed in the directory /usr/local/nginx/conf, /etc/nginx, or /usr/local/etc/nginx.
Starting, Stopping, and Reloading Configuration
To start nginx, run the executable file. Once nginx is started, it can be controlled by invoking the executable with the -s parameter. Use the following syntax:
nginx -s signal
Where signal may be one of the following:
stop — fast shutdown
quit — graceful shutdown
reload — reloading the configuration file
reopen — reopening the log files
For example, to stop nginx processes with waiting for the worker processes to finish serving current requests, the following command can be executed:
nginx -s quit
This command should be executed under the same user that started nginx.
Changes made in the configuration file will not be applied until the command to reload configuration is sent to nginx or it is restarted. To reload configuration, execute:
nginx -s reload
Once the master process receives the signal to reload configuration, it checks the syntax validity of the new configuration file and tries to apply the configuration provided in it. If this is a success, the master process starts new worker processes and sends messages to old worker processes, requesting them to shut down. Otherwise, the master process rolls back the changes and continues to work with the old configuration. Old worker processes, receiving a command to shut down, stop accepting new connections and continue to service current requests until all such requests are serviced. After that, the old worker processes exit.
A signal may also be sent to nginx processes with the help of Unix tools such as the kill utility. In this case a signal is sent directly to a process with a given process ID. The process ID of the nginx master process is written, by default, to the nginx.pid in the directory /usr/local/nginx/logs or /var/run. For example, if the master process ID is 1628, to send the QUIT signal resulting in nginx’s graceful shutdown, execute:
kill -s QUIT 1628
For getting the list of all running nginx processes, the ps utility may be used, for example, in the following way:
ps -ax | grep nginx
For more information on sending signals to nginx, see Controlling nginx.
http://nginx.org/en/docs/beginners_guide.html
rewrite通过正则表达式的使用来改变URI,可以同时存在一个或者多个指令,按照顺序依次对URL进行匹配和处理(使用break可以依次处理,其它不可以)。
rewrite语法:rewrite regex replacement [falg];regex用于匹配URI的正则表达式。使用括号“()”标记想要截取的内容。
flag由以下几个选项:last,break,redirect,permanent
说明:
rewrite接收到的URI不包含host地址。因此regex不可能匹配到URI的host地址
例如URL: http://myweb.com/source?arg1=value1&arg2=value2
rewrite指令接收到的URI为"/source“,不包含"?arg1=value1&arg2=value2"
replace,匹配成功后用于替换URI中被截取内容的字符串。默认情况下,如果该字符串是由”http://"或者"https://"开头的,则不会继续向下对URI进行其它处理,而直接将重写后的URI返回给客户端。
rewrite模块接收到的URI不包含URL中的请求信息(queryString),如果我们希望将这些指令传给重写后的URI,需要怎么做呢?
Nginx全局变量$request_uri可以帮忙,
rewrite myweb.com http://example.com$request_uri? permanent;
几个名词解析:
$request_uri This variable is equal to the *original* request URI as received from the client including the args.
It cannot be modified. Look at $uri for the post-rewrite/altered URI. Does not include host name.
Example: "/foo/bar.php?arg=baz" 这个变量等于从客户端发送来的原生请求URI,包括参数。它不可以进行修改。$uri变量反映的是重写后/改变的URI。不包括主机名。
例如:"/foo/bar.php?arg=baz" $uri This variable is the current request URI, without any arguments (see argsforthose).
This variable will reflect any modification sdonesofarbyinternalredirectsortheindexmodule.
Note this maybe different from args for those).
This variable will reflect any modificationsdones ofarbyinternalredirectsortheindexmodule.
Notethismaybedifferentfromrequest_uri, as $request_uri is what was originally sent by the browser before any such modifications.
Does not include the protocol or host name. Example: /foo/bar.html 这个变量指当前的请求URI,不包括任何参数(见args)。这个变量反映任何内部重定向或index模块所做的修改。
注意,这和args)。这个变量反映任何内部重定向或index模块所做的修改。注意,这和request_uri不同,因$request_uri是浏览器发起的不做任何修改的原生URI。
不包括协议及主机名。例如:"/foo/bar.html" $document_uri The same as $uri. 同$uri.
处理query_string
(1)什么是query_string:
http://i.cnblogs.com/EditPosts.aspx?opt=1
上面链接中的?后面的opt=1就是query_string,即url中?后面的都是
(2)nginx中如何获取到上面的值。本例以query_string有一个key为例,多个就是多个正则引用$1,$2的区别而已
nginx中全局变量$args和$query_string中存放的数据就是请求的url中带的query_string
如何获取query_string中key对应的value呢,以上面的链接为例,就是key:opt 对应的value: 1
方法1:下面使用了permanent,因为使用last没有生效。那个大神给看看是什么原因
last没有生效的原因是:
last,终止继续在本location块中处理接收到的URI,并将此处重写的URI作为一个新的URI,使用各location块进行处理。
last标志将重写后的URI重新在server块中执行,为重写后的URI提供了转入到其它location块的机会
看到这时,是不是有的小伙伴已经发现一个bug,下面的是不是就死循环了:
location /myweb/{
rewrite ^(/myweb/.*)/media/(.*)\..*$ myweb/$1/mp3/$2.mp3 last;
}
的确会出现死循环,
因为使用last,相当于一个新请求进来,再重新走一遍location。重写后的URI会被该location块重新匹配到
Nginx服务器遇到这种情况,会尝试10次循环之后返回错误状态代码500
rewrite中与last容易混淆的几个用来设置rewrite对URI处理行为的flag,也简单介绍一下:
break,将此处重写的URI作为一个新的URI,在本块中继续进行处理。该标志将重写后的地址在当前的location块中执行,不会将新的URI转向到其他location块
redirect,将重写后的URI返回给客户端,状态代码为302,指明是临时重定向URI,主要用在replacement变量不是以"http://"或"https://"开头的情况下
permanent,将重写后的URI返回给客户端,状态代码301,指明是永久重定向URI,
location /EditPosts.aspx {
if ($args ~ opt=(\d+)){
set $opt $1; #将截取到的opt对应的值$1赋值给变量$opt(变量必须以$开头,并且不能与nginx预设的全局变量同名)以备后用。
rewrite /(.*)\.aspx /$1/$opt? permanent; #最后的?很关键,表示正则结束,不然rewrite后的url会变成/EditPosts/1?opt=1
}
}
在正则表达式中可以,可以使用小括号对变量值进行截取,在花括号中使用$1...$9引用截取的值(注意,$后面的数字从1开始的哦)
方法2:
location /EditPosts.aspx {
if ($args ~ opt=(\d+)){
rewrite /(\w*)\.aspx /$1/$arg_opt? permanent; #即$arg_query_string中key代表的字符串
}
}
log_format及nginx的部分预设全局变量的值:
log_format main '$remote_addr - $remote_user [$time_local] "$uri" - "$request_uri" -"$request" -"$status" "$http_referer" "$http_user_agent" ' ' "$http_x_forwarded_for" "$request_time" ' '[$cookie_customerID_cookie_flag] [$args]' ; 127.0.0.1 - - [11/Jul/2016:17:11:56 +0800] "/bbs/index.html" - "/bbs/" -"GET /bbs/ HTTP/1.1" -"200" "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36" "-" "0.000" [-] [-] 127.0.0.1 - - [11/Jul/2016:17:11:57 +0800] "/vender/AdminLTE/AdminLTE.min.css" - "/vender/AdminLTE/AdminLTE.min.css" -"GET /vender/AdminLTE/AdminLTE.min.css HTTP/1.1" -"200" "http://localhost/bbs/" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36" "-" "0.000" [-] [-] 127.0.0.1 - - [11/Jul/2016:17:11:57 +0800] "/vender/bootstrap_v3.3.5/css/bootstrap.min.css" - "/vender/bootstrap_v3.3.5/css/bootstrap.min.css" -"GET /vender/bootstrap_v3.3.5/css/bootstrap.min.css HTTP/1.1" -"200" "http://localhost/bbs/" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36" "-" "0.000" [-] [-]
粘一个匹配过程:
location / {
root D:/workspace/webapp;
index index.html index.htm;
}
location /api {
proxy_pass http://localhsot:9090/api;
}
location /topic/view {
rewrite /topic/view/(.*) /topic/#/$1 permanent;
}
location ~ /topic/module/\d+ {
if ($args ~ type=(\d+)){
#set $type $1;
#rewrite /topic/module/(\d+) /hello/#/$1?cid=$type? permanent;
rewrite /topic/module/(\d+) /hello/#/$1?cid=$arg_type? permanent;
}
rewrite /topic/module/(\d+) /hello/#/$1 permanent;
}
2016/07/12 18:44:23 [debug] 3580#292: post event 0054E058
2016/07/12 18:44:23 [debug] 3580#292: delete posted event 0054E058
2016/07/12 18:44:23 [debug] 3580#292: accept on 0.0.0.0:80, ready: 0
2016/07/12 18:44:23 [debug] 3580#292: malloc: 00512E08:256
2016/07/12 18:44:23 [debug] 3580#292: *89 accept: 127.0.0.1:49491 fd:400
2016/07/12 18:44:23 [debug] 3580#292: *89 event timer add: 400: 60000:3736476011
2016/07/12 18:44:23 [debug] 3580#292: *89 reusable connection: 1
2016/07/12 18:44:23 [debug] 3580#292: *89 select add event fd:400 ev:0
2016/07/12 18:44:23 [debug] 3580#292: *89 post event 0054E0A8
2016/07/12 18:44:23 [debug] 3580#292: *89 delete posted event 0054E0A8
2016/07/12 18:44:23 [debug] 3580#292: *89 http wait request handler
2016/07/12 18:44:23 [debug] 3580#292: *89 malloc: 005211A0:1024
2016/07/12 18:44:23 [debug] 3580#292: *89 WSARecv: fd:400 rc:0 444 of 1024
2016/07/12 18:44:23 [debug] 3580#292: *89 reusable connection: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 malloc: 00518010:4096
2016/07/12 18:44:23 [debug] 3580#292: *89 http process request line
2016/07/12 18:44:23 [debug] 3580#292: *89 http request line: "GET /topic/module/7?channel=3 HTTP/1.1"
2016/07/12 18:44:23 [debug] 3580#292: *89 http uri: "/topic/module/7"
2016/07/12 18:44:23 [debug] 3580#292: *89 http args: "channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http exten: ""
2016/07/12 18:44:23 [debug] 3580#292: *89 http process request header line
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Host: localhost"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Connection: keep-alive"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Upgrade-Insecure-Requests: 1"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Accept-Encoding: gzip, deflate, sdch"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Accept-Language: zh-CN,zh;q=0.8"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Cookie: JSESSIONID=608D2B53198A02DE2B977D976A6DE026"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header done
2016/07/12 18:44:23 [debug] 3580#292: *89 event timer del: 400: 3736476011
2016/07/12 18:44:23 [debug] 3580#292: *89 generic phase: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 rewrite phase: 1
2016/07/12 18:44:23 [debug] 3580#292: *89 test location: "/"
2016/07/12 18:44:23 [debug] 3580#292: *89 test location: "api"
2016/07/12 18:44:23 [debug] 3580#292: *89 test location: "topic/view"
2016/07/12 18:44:23 [debug] 3580#292: *89 test location: ~ "/topic/module/\d+"
2016/07/12 18:44:23 [debug] 3580#292: *89 using configuration "/topic/module/\d+"
2016/07/12 18:44:23 [debug] 3580#292: *89 http cl:-1 max:1048576
2016/07/12 18:44:23 [debug] 3580#292: *89 rewrite phase: 3
2016/07/12 18:44:23 [debug] 3580#292: *89 http script var
2016/07/12 18:44:23 [debug] 3580#292: *89 http script var: "channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script regex: "channel=(\d+)"
2016/07/12 18:44:23 [notice] 3580#292: *89 "channel=(\d+)" matches "channel=3", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script if
2016/07/12 18:44:23 [debug] 3580#292: *89 http script regex: "/topic/module/(\d+)"
2016/07/12 18:44:23 [notice] 3580#292: *89 "/topic/module/(\d+)" matches "/topic/module/7", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script copy: "/bbs/#/"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script capture: "7"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script copy: "?cid="
2016/07/12 18:44:23 [debug] 3580#292: *89 http script var: "3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script regex end
2016/07/12 18:44:23 [notice] 3580#292: *89 rewritten redirect: "/bbs/#/7?cid=3", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 18:44:23 [debug] 3580#292: *89 http finalize request: 301, "/topic/module/7?channel=3" a:1, c:1
2016/07/12 18:44:23 [debug] 3580#292: *89 http special response: 301, "/topic/module/7?channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http set discard body
2016/07/12 18:44:23 [debug] 3580#292: *89 HTTP/1.1 301 Moved Permanently
Server: nginx/1.10.1
Date: Tue, 12 Jul 2016 10:44:23 GMT
Content-Type: text/html
Content-Length: 185
Location: http://localhost/bbs/#/7?cid=3
Connection: keep-alive
2016/07/12 18:44:23 [debug] 3580#292: *89 write new buf t:1 f:0 0051896C, pos 0051896C, size: 205 file: 0, size: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 http write filter: l:0 f:0 s:205
2016/07/12 18:44:23 [debug] 3580#292: *89 http output filter "/topic/module/7?channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http copy filter: "/topic/module/7?channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http postpone filter "/topic/module/7?channel=3" 00518B04
2016/07/12 18:44:23 [debug] 3580#292: *89 write old buf t:1 f:0 0051896C, pos 0051896C, size: 205 file: 0, size: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 write new buf t:0 f:0 00000000, pos 00EC39D8, size: 132 file: 0, size: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 write new buf t:0 f:0 00000000, pos 00EC3780, size: 53 file: 0, size: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 http write filter: l:1 f:0 s:390
2016/07/12 18:44:23 [debug] 3580#292: *89 http write filter limit 0
2016/07/12 18:44:23 [debug] 3580#292: *89 WSASend: fd:400, s:390
2016/07/12 18:44:23 [debug] 3580#292: *89 http write filter 00000000
2016/07/12 18:44:23 [debug] 3580#292: *89 http copy filter: 0 "/topic/module/7?channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http finalize request: 0, "/topic/module/7?channel=3" a:1, c:1
2016/07/12 18:44:23 [debug] 3580#292: *89 set http keepalive handler
2016/07/12 18:44:23 [debug] 3580#292: *89 http close request
2016/07/12 18:44:23 [debug] 3580#292: *89 http log handler
2016/07/12 18:44:23 [debug] 3580#292: *89 free: 00518010, unused: 1022
2016/07/12 18:44:23 [debug] 3580#292: *89 free: 005211A0
2016/07/12 18:44:23 [debug] 3580#292: *89 hc free: 00000000 0
2016/07/12 18:44:23 [debug] 3580#292: *89 hc busy: 00000000 0
2016/07/12 18:44:23 [debug] 3580#292: *89 tcp_nodelay
上面提到的问题解决了,原因是如下:
2016/07/12 20:13:28 [debug] 4044#3764: *15 http process request line
2016/07/12 20:13:28 [debug] 4044#3764: *15 http request line: "GET /topic/module/7?channel=3 HTTP/1.1"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http uri: "/topic/module/7"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http args: "channel=3"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http exten: ""
2016/07/12 20:13:28 [debug] 4044#3764: *15 http process request header line
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Host: localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Connection: keep-alive"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Upgrade-Insecure-Requests: 1"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Accept-Encoding: gzip, deflate, sdch"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Accept-Language: zh-CN,zh;q=0.8"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header done
2016/07/12 20:13:28 [debug] 4044#3764: *15 event timer del: 400: 3741821009
2016/07/12 20:13:28 [debug] 4044#3764: *15 generic phase: 0
2016/07/12 20:13:28 [debug] 4044#3764: *15 rewrite phase: 1
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "/"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "api"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "topic/view"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: ~ "/topic/module/\d+"
2016/07/12 20:13:28 [debug] 4044#3764: *15 using configuration "/topic/module/\d+"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http cl:-1 max:1048576
2016/07/12 20:13:28 [debug] 4044#3764: *15 rewrite phase: 3
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script var
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script var: "channel=3"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script regex: "channel=(\d+)"
2016/07/12 20:13:28 [notice] 4044#3764: *15 "channel=(\d+)" matches "channel=3", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script if
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script regex: "/topic/module/(\d+)"
2016/07/12 20:13:28 [notice] 4044#3764: *15 "/topic/module/(\d+)" matches "/topic/module/7", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script copy: "/bbs/#/"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script capture: "7"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script args
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script copy: "cid="
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script var: "3"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script regex end
2016/07/12 20:13:28 [notice] 4044#3764: *15 rewritten data: "/bbs/#/7", args: "cid=3", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 post rewrite phase: 4
2016/07/12 20:13:28 [debug] 4044#3764: *15 uri changes: 11
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "/"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "api"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "topic/view"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: ~ "/topic/module/\d+"
2016/07/12 20:13:28 [debug] 4044#3764: *15 using configuration "/"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http cl:-1 max:1048576
2016/07/12 20:13:28 [debug] 4044#3764: *15 rewrite phase: 3
2016/07/12 20:13:28 [debug] 4044#3764: *15 post rewrite phase: 4
2016/07/12 20:13:28 [debug] 4044#3764: *15 generic phase: 5
2016/07/12 20:13:28 [debug] 4044#3764: *15 generic phase: 6
2016/07/12 20:13:28 [debug] 4044#3764: *15 generic phase: 7
2016/07/12 20:13:28 [debug] 4044#3764: *15 access phase: 8
2016/07/12 20:13:28 [debug] 4044#3764: *15 access phase: 9
2016/07/12 20:13:28 [debug] 4044#3764: *15 access phase: 10
2016/07/12 20:13:28 [debug] 4044#3764: *15 post access phase: 11
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 12
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 13
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 14
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 15
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 16
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 17
2016/07/12 20:13:28 [debug] 4044#3764: *15 http filename: "D:/workspace/webapp/bbs/#/7"
2016/07/12 20:13:28 [debug] 4044#3764: *15 add cleanup: 00DF8948
2016/07/12 20:13:28 [error] 4044#3764: *15 CreateFile() "D:/workspace/webapp/bbs/#/7" failed (3: The system cannot find the path specified), client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http finalize request: 404, "/bbs/#/7?cid=3" a:1, c:1
2016/07/12 20:13:28 [debug] 4044#3764: *15 http special response: 404, "/bbs/#/7?cid=3"
2016/07/12 20:13:28 [debug] 4044#3764: *15 internal redirect: "/404.html?"
报错:
2017/02/16 11:36:39 [emerg] 4008#0: bind() to 0.0.0.0:80 failed (13: Permission denied)
2017/02/16 11:36:57 [error] 4013#0: *2 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:36:58 [error] 4013#0: *2 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:37:02 [error] 4013#0: *2 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:40:16 [emerg] 4031#0: bind() to 0.0.0.0:80 failed (13: Permission denied)
2017/02/16 11:40:43 [error] 4037#0: *1 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:40:44 [error] 4037#0: *1 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:40:45 [error] 4037#0: *1 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:43:11 [error] 4037#0: *2 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
解决办法:
One permission requirement that is often overlooked is a user needs x permissions in every parent directory of a file to access that file. Check the permissions on /, /home, /home/demo, etc. for www-data x access. My guess is that /home is probably 770 and www-data can't chdir through it to get to any subdir. If it is, try chmod o+x /home (or whatever dir is denying the request).
EDIT: To easily display all the permissions on a path, you can use namei -om /path/to/check
Same here. On my install of CentOS 6, /home/user dirs are set to 700 by default.
http://stackoverflow.com/questions/6795350/nginx-403-forbidden-for-all-files
问题:
2017/10/27 17:16:17 [alert] 1347#0: *19916 socket() failed (24: Too many open files) while connecting to upstream, client: 120.132.18.132, server: _, request: "GET /admin/v1/evaluation/careers HTTP/1.1", upstream: "http://10.25.174.68:5000/admin/v1/evaluation/careers", host: "120.132.18.132", referrer: "http://1gepingguo.cn/swagger-ui.html"
2017/10/27 17:16:17 [crit] 1347#0: *19916 open() "/usr/share/nginx/html/50x.html" failed (24: Too many open files), client: 120.132.18.132, server: _, request: "GET /admin/v1/evaluation/careers HTTP/1.1", upstream: "http://10.25.174.68:5000/admin/v1/evaluation/careers", host: "120.132.18.132", referrer: "http://1gepingguo.cn/swagger-ui.html"
2017/10/27 17:21:30 [notice] 1373#0: signal process started
解决办法:
#nginx worker进程运行用户以及用户组
user nobody nobody;
#nginx worker数量
worker_processes 4;
#全局错误日志文件,日志输出级别有debug、info、notice、warn、error、crit(类似于Python中的logging)
error_log logs/error.log notice;
#指定主进程id的存储文件位置
pid logs/nginx.pid;
#指定一个nginx进程可以打开的最多文件描述符数目
worker_rlimit_nofile 65535; //增加此配置
#设定nginx的工作模式及连接数上限
events{
use epoll; #linux 服务器的优点所在
worker_connections 65536;#设定worker的最大连接数
}
http://inbank2012.blog.51cto.com/6302802/1097939
http://www.cnblogs.com/coder2012/p/4072387.html
location /public{
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8080;
}
tomcat access log的日志记录:
[30/Nov/2017:10:21:24 +0800] [http-nio-9090-exec-1] 101.81.27.120 127.0.0.1 GET /public/css/mycss.css HTTP/1.0 304 (3 ms)
Nginx是可以做正向代理的,但是必须指定resolver(既DNS)。但是我没有搭建内网DNS,所以就把104又搭建成了一台反向代理来模拟正向代理。我认为正向、反向代理原理都是差不多的,取得的结果也应该差不多的
我们在客户机上打开浏览器访问http://xxxx.com,看到的结果是:
REMOTE_ADDR=192.168.1.105
HTTP_X_FORWARDED_FOR=192.168.1.101, 192.168.1.104, 192.168.1.105
HTTP_X_REAL_IP=192.168.1.104
106上的Nginx log是:
remote_addr=192.168.1.105:34780, http_x_forwarded_for=192.168.1.101, 192.168.1.104, proxy_add_x_forwarded_for=192.168.1.101, 192.168.1.104, 192.168.1.105
105上的Nginx log是:
remote_addr=192.168.1.104:60142, http_x_forwarded_for=192.168.1.101, proxy_add_x_forwarded_for=192.168.1.101, 192.168.1.104
104上的Nginx log是:
remote_addr=192.168.1.101:23470, http_x_forwarded_for=-, proxy_add_x_forwarded_for=192.168.1.101
结果描述:
REMOTE_ADDR还是反向代理105的IP地址
HTTP_X_FORWARDED_FOR记录了真实客户端IP和两台反向代理IP,以逗号分隔。
HTTP_X_REAL_IP变成了104
结论:
在默认配置情况下,如果要取得客户端真实IP地址的话,只有取HTTP_X_FORWARDED_FOR的第一个逗号前的IP地址最靠谱,其他的地址都有可能被重写。当然,如果连HTTP_X_FORWARDED_FOR都被重写的话就另当别论了
https://www.cnblogs.com/harryc/p/6361892.html
Nginx的https配置记录以及http强制跳转到https的方法梳理
server {
listen 80;
server_name dev.wangshibo.com;
index index.html index.php index.htm;
access_log /usr/local/nginx/logs/8080-access.log main;
error_log /usr/local/nginx/logs/8080-error.log;
return 301 https://$server_name$request_uri; //这是nginx最新支持的写法
location ~ / {
root /var/www/html/8080;
index index.html index.php index.htm;
}
}
https://www.cnblogs.com/kevingrace/p/6187072.html
