我们在搭建网站时,为了方便管理,常常会选用 PHP+MySQL 这种架构,Web 引擎可选择 Apache 或是 Nginx。今天杜老师说一下,选择 Nginx 时,主配置文件和站点配置文件如何改写!
Nginx 主配置文件
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47
| user www www; worker_processes auto; error_log /www/wwwlogs/nginx_error.log crit; pid /www/server/nginx/logs/nginx.pid; worker_rlimit_nofile 51200; events { use epoll; worker_connections 51200; multi_accept on; } http { include mime.types; include proxy.conf; default_type application/octet-stream; server_names_hash_bucket_size 512; client_header_buffer_size 32k; large_client_header_buffers 4 32k; client_max_body_size 50m; sendfile on; tcp_nopush on; keepalive_timeout 60; tcp_nodelay on; fastcgi_connect_timeout 300; fastcgi_send_timeout 300; fastcgi_read_timeout 300; fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; fastcgi_temp_file_write_size 256k; fastcgi_intercept_errors on; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.1; gzip_comp_level 2; gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml; gzip_vary on; gzip_proxied expired no-cache no-store private auth; gzip_disable "MSIE [1-6]\."; limit_conn_zone $binary_remote_addr zone=perip:10m; limit_conn_zone $server_name zone=perserver:10m; server_tokens off; access_log off; include /www/server/panel/vhost/nginx/*.conf; }
|
注意:以上为 Nginx 主配置文件参考,这里假设已安装相关的模块。日志目录为/www/wwwlogs/,Nginx 安装目录/www/server/nginx/,站点信息配置文件目录为/www/server/panel/vhost/nginx/。
站点配置文件
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46
| server { listen 80; listen 443 ssl http2; server_name 7bu.top www.7bu.top; index index.php index.html index.htm default.php default.htm default.html; root /www/wwwroot/7bu.top/public; if ($server_port !~ 443){ rewrite ^(/.*)$ https://$host$1 permanent; } ssl_certificate /www/server/panel/vhost/cert/7bu.top/fullchain.pem; ssl_certificate_key /www/server/panel/vhost/cert/7bu.top/privkey.pem; ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; error_page 497 https://$host$request_uri; if ($host ~ '^www.7bu.top'){ return 301 http://7bu.top$request_uri; } include /www/server/panel/vhost/open_basedir/nginx/7bu.top.conf; include enable-php-73.conf; include /www/server/panel/vhost/rewrite/7bu.top.conf; location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md) { return 404; } location ~ \.well-known{ allow all; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; error_log off; access_log /dev/null; } location ~ .*\.(js|css)?$ { expires 12h; error_log off; access_log /dev/null; } access_log /www/wwwlogs/7bu.top.log; error_log /www/wwwlogs/7bu.top.error.log; }
|
注意:以去不图床的配置文件为例,可自定义项分别是:监听端口、站点域名、网站目录、端口转发、证书信息、强制跳转、地址重写、文件缓存、文件屏蔽等等。