LNMP architecture virtual host configuration, user authentication and domain name redirection

November 26 mission
12.6 Nginx installation

https://my.oschina.net/u/3964535/blog/2933878 
12.7 default virtual host
12.8 Nginx user authentication
12.9 Nginx domain name redirection

 

Configure nginx virtual host

  • Modify nginx main configuration file
[root@localhost nginx-1.12.2]# vim /usr/local/nginx/conf/nginx.conf
# Delete the original server statement block and replace it with the following code

include vhost/*.conf;
  • Create and modify a virtual host profile (default virtual host)
[root@localhost nginx-1.12.2]# cd /usr/local/nginx/conf
[root@localhost conf]# mkdir vhost
[root@localhost conf]# cd vhost/
[root@localhost vhost]# vim aaa.com.conf
server
{
    # Specify listening port 80 and set the virtual host as the default virtual host
    listen 80 default_server;
    
    # Set the name of the server
    server_name aaa.com;
    
    # Set server default web page
    index index.html index.htm index.php;
    
    # Set the root of the server
    root /data/www/default;
}
  • Create the root directory and default page of the default virtual host
[root@localhost vhost]# mkdir -p /data/www/default
[root@localhost vhost]# cd /data/www/default/

[root@localhost default]# vim index.html
aaa.com
  • Detect code and restart service
[root@localhost default]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost default]# /usr/local/nginx/sbin/nginx -s reload
  • Effect test
[root@localhost default]# curl -x 127.0.0.1:80 aaa.com
aaa.com

# Because it is the default virtual host, any domain name can display the default web page information
[root@localhost default]# curl -x 127.0.0.1:80 bbb.com
aaa.com

nginx user authentication

A virtual host in nginx for a profile

  • Create a new virtual host profile
[root@localhost default]# vim /usr/local/nginx/conf/vhost/test.com.conf 
server
{
    # This is not the default virtual host. The default server does not need to be configured
    listen 80;
    server_name test.com;
    index index.html index.htm index.php;
    root /data/www/test.com;
    
    # Add the following code
    location /
        {
	    auth_basic "Auth";
	    auth_basic_user_file /usr/local/nginx/conf/htpasswd;
	}
}
  • Create test.com related directories and files
[root@localhost default]# mkdir /data/www/test.com
[root@localhost default]# vim /data/www/test.com/index.html
test.com
  • Create password file because user authentication password file needs to be generated by using apache's htpasswd command, install httpd, and create user
[root@localhost default]# yum install -y httpd
[root@localhost default]# htpasswd -c /usr/local/nginx/conf/htpasswd test
New password: 
Re-type new password: 
Adding password for user test
  • Restart service
[root@localhost default]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost default]# /usr/local/nginx/sbin/nginx -s reload
  • Testing effect
# General visit
[root@localhost default]# curl -x 127.0.0.1:80 test.com -I
HTTP/1.1 401 Unauthorized
Server: nginx/1.12.2
Date: Sun, 31 Dec 2017 06:55:24 GMT
Content-Type: text/html
Content-Length: 195
Connection: keep-alive
WWW-Authenticate: Basic realm="Auth"

# Specify user access
[root@localhost default]# curl -x 127.0.0.1:80 -utest:1 test.com -I 
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Sun, 31 Dec 2017 06:55:33 GMT
Content-Type: text/html
Content-Length: 8
Last-Modified: Sun, 31 Dec 2017 06:17:09 GMT
Connection: keep-alive
ETag: "5a4880e5-8"
Accept-Ranges: bytes
[root@localhost default]# curl -x 127.0.0.1:80 -utest:1 test.com 
test.com

Authenticate to a directory under the virtual host

  • To modify the code for a directory authentication, simply modify the above code;
[root@localhost default]# vim /usr/local/nginx/conf/vhost/test.com.conf 
server
{
    listen 80;
    server_name test.com;
    index index.html index.htm index.php;
    root /data/www/test.com;
    
    # Just modify the location, nothing else will change
    location /admin/
        {
	    auth_basic "Auth";
	    auth_basic_user_file /usr/local/nginx/conf/htpasswd;
	}
}
  • Restart service
[root@localhost default]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost default]# /usr/local/nginx/sbin/nginx -s reload
  • Verification
# test.com
[root@localhost default]# curl -x 127.0.0.1:80  test.com
test.com

# The admin directory under test.com needs user authentication
[root@localhost default]# curl -x 127.0.0.1:80  test.com/admin/
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.12.2</center>
</body>
</html>

Authenticate a file (URL visited) under the virtual host

*(modify virtual host configuration file (use ~ matching file)

[root@localhost default]# vim /usr/local/nginx/conf/vhost/test.com.conf 
server
{
    listen 80;
    server_name test.com;
    index index.html index.htm index.php;
    root /data/www/test.com;
    
    # Just modify the location, and the rest will remain the same. Here, matching admin.php is just a simple representation
    # More complex regularization can be used to show accurate document authentication
    location ~ admin.php
        {
	    auth_basic "Auth";
	    auth_basic_user_file /usr/local/nginx/conf/htpasswd;
	}
}
  • Restart service
[root@localhost default]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost default]# /usr/local/nginx/sbin/nginx -s reload
  • Verification
[root@localhost default]# curl -x 127.0.0.1:80  test.com/admin.php<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.12.2</center>
</body>
</html>

Domain name redirection

  • Modify virtual host profile
[root@localhost default]# vim /usr/local/nginx/conf/vhost/test.com.conf
server
{
    listen 80;
    
    # nginx can configure multiple host names. apache can only use ServerAlias to specify aliases
    server_name test.com test2.com;
    index index.html index.htm index.php;
    root /data/www/test.com;
    
    # In multiple domain names
    # Judge whether host is test.com
    if ($host != 'test.com') {
	rewrite ^/(.*)$ http://test.com/$1 permanent;
    }
}
  • Restart service
[root@localhost default]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost default]# /usr/local/nginx/sbin/nginx -s reload
  • Verification
[root@localhost default]# curl -x 127.0.0.1:80 test2.com/index.html
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.12.2</center>
</body>
</html>
[root@localhost default]# curl -x 127.0.0.1:80 test2.com/admin/index.html
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.12.2</center>
</body>
</html>
[root@localhost default]# curl -x 127.0.0.1:80 test3.com/index.html
aaa.com

Keywords: Operation & Maintenance Nginx curl vim PHP

Added by monotoko on Wed, 04 Dec 2019 21:50:45 +0200

Popular Keywords

©2024 Programming VIP