Smooth upgrade, location, access control

nginx

Smooth upgrade

1. Get the compile-time parameters of the old version with nginx -V

[root@localhost ~]# nginx  -V
nginx version: nginx/1.21.3
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC) 
built with OpenSSL 1.0.2k-fips  26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --user=nginx --group=nginx --with-debug --with-http_ssl_module --with-http_realip_module --with-http_image_filter_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_stub_status_module --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log

2. Obtain the software package for the new version or the new feature
Download address: github.com

[root@localhost ~]#  cd /usr/src/
[root@localhost src]# ls
debug  echo-nginx-module-master.tar  kernels  nginx-1.21.3
[root@localhost src]# tar xf echo-nginx-module-master.tar 
[root@localhost src]# ls
debug  echo-nginx-module-master  echo-nginx-module-master.tar  kernels  nginx-1.21.3

3. Compile the package with the new feature or version

[root@localhost src]# cd nginx-1.21.3/
[root@nginx nginx-1.21.3]# ./configure   --prefix=/usr/local/nginx --user=nginx --group=nginx --with-debug --with-http_ssl_module --with-http_realip_module --with-http_image_filter_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_stub_status_module --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --add-module=../echo-nginx-module-master
[root@nginx nginx-1.21.3]# make

4. Back up the old program

[root@localhost nginx-1.21.3]# ll objs/nginx /usr/local/nginx/sbin/nginx 
-rwxr-xr-x. 1 root root 7069888 10 July 27-23:55 objs/nginx
-rwxr-xr-x. 1 root root 6452216 10 June 25-16:25 /usr/local/nginx/sbin/nginx
[root@localhost nginx-1.21.3]# cp /usr/local/nginx/sbin/nginx  /opt/
[root@localhost nginx-1.21.3]# ls /opt/
mime.types  nginx  nginx.conf

5. Stop the old program and start the new program with the old program's configuration file

[root@localhost nginx-1.21.3]#  nginx -s stop;objs/nginx -c /usr/local/nginx/conf/nginx.conf
[root@localhost nginx-1.21.3]# ps -ef|grep nginx
root      62044   1487  0 00:00 pts/0    00:00:00 grep --color=auto nginx

6. Check that it works. If there are no problems, replace the old program with the new one

[root@localhost nginx-1.21.3]# objs/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost nginx-1.21.3]# objs/nginx  -s reload

7. Test

[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf

        location / {
            root   html;
            index  index.html index.htm;
        }

        location /test {
            echo "test";
        }
[root@localhost nginx-1.21.3]# objs/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost nginx-1.21.3]# objs/nginx -s reload

[root@localhost ~]# curl http://192.168.129.33/test
test

[root@localhost nginx-1.21.3]# \cp objs/nginx /usr/local/nginx/sbin/nginx

[root@localhost nginx-1.21.3]# ll objs/nginx /usr/local/nginx/sbin/nginx 
-rwxr-xr-x. 1 root root 7069888 10 July 27-23:55 objs/nginx
-rwxr-xr-x. 1 root root 7069888 10 June 28 00:12 /usr/local/nginx/sbin/nginx

[root@localhost nginx-1.21.3]# objs/nginx -s stop;nginx
[root@localhost nginx-1.21.3]# ps -ef | grep nginx
root      48446      1  0 00:50 ?        00:00:00 nginx: master process nginx
nginx     48447  48446  0 00:50 ?        00:00:00 nginx: worker process
root      48938   1494  0 00:50 pts/0    00:00:00 grep --color=auto nginx

location configuration

The location block matches the URI requested by the client against a specified pattern.

Function: each defined location is matched against the URI requested by the user. When a location matches, the request is processed by the configuration in that location block, for example access control.

Syntax: location [modifier] pattern {...}

Description of common modifiers:

Modifier    Function
=           Exact match
~           Regular expression pattern matching, case sensitive
~*          Regular expression pattern matching, case insensitive
^~          Prefix matching, similar to the behavior without a modifier: the URI must also start with the specified pattern. The difference is that if the pattern matches, the search for other patterns stops. Regular expressions are not supported
@           Defines a named location. These locations cannot be accessed by clients, only by internally generated requests such as try_files or error_page

No modifier means that the URI must start with the specified pattern, such as:

[root@localhost local]# vim nginx/conf/nginx.conf
        location / {
            root   html;
            index  index.html index.htm;
        }

        location /test {
            echo "test";
        }

[root@localhost ~]# nginx -s reload

Then the following can be matched correctly:
[root@localhost ~]# curl http://192.168.129.33/test
test
[root@localhost ~]# curl http://192.168.129.33/test/
test
[root@localhost ~]# curl http://192.168.129.33/test?test
test

=: indicates that it must exactly match the specified pattern, such as:

[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf
......
        location / {
            root   html;
            index  index.html index.htm;
        }
        location /test {				# Matches everything under /test
            echo "test";
        }
        location =/test {
            echo "111";
        }
[root@localhost ~]# nginx -s reload

Then the following can be matched correctly:
[root@localhost ~]# curl http://192.168.129.33/test
111

The following are not matched by location =/test (the prefix location /test handles them):
[root@localhost ~]# curl http://192.168.129.33/test/
test
[root@localhost ~]# curl http://192.168.129.33/test/hh
test
[root@localhost ~]# curl http://192.168.129.33/testtest
test

~: indicates that the specified regular expression is matched case-sensitively, such as:

[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf
......
        location / {
            root   html;
            index  index.html index.htm;
        }
        location /test {
            echo "test";
        }
        location ~ ^/test$ {
            echo "Case";
        }
[root@localhost ~]# nginx -s reload

Then the following can be matched correctly:
[root@localhost ~]# curl http://192.168.129.33/test
Case

The following cannot be matched:
[root@localhost ~]# curl http://192.168.129.33/test/
test
[root@localhost ~]# curl http://192.168.129.33/testkllk
test

~*: indicates that the specified regular expression is matched case-insensitively, such as:

[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf
......
        location ~* ^/test$ {
            echo "Case insensitive";
        }
        
[root@localhost ~]# nginx -s reload

Then the following can be matched correctly:
[root@localhost ~]# curl http://192.168.129.33/test
Case insensitive
[root@localhost ~]# curl http://192.168.129.33/TEST
Case insensitive
[root@localhost ~]# curl http://192.168.129.33/TEst
Case insensitive

The following cannot be matched:
[root@localhost ~]# curl http://192.168.129.33/TEst/
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.21.3</center>
</body>
</html>

[root@localhost ~]# curl http://192.168.129.33/testas
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.21.3</center>
</body>
</html>

^~: similar to the behavior without a modifier, the URI must also start with the specified pattern. The difference is that if the pattern matches, the search for other patterns stops

[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf
......
        location / {
            root   html;
            index  index.html index.htm;
        }
        location /test {
            echo "nothing";
        }
        location ~ ^/test$ {
            echo "Case sensitive";
        }

        location ~* ^/test$ {
            echo "Case insensitive";
        }

[root@localhost ~]# nginx -s reload

Then the following can be matched correctly:
[root@localhost ~]# curl http://192.168.129.33/test
Case sensitive
[root@localhost ~]# curl http://192.168.129.33/tesT
Case insensitive
[root@localhost ~]# curl http://192.168.129.33/test/
nothing
[root@localhost ~]# curl http://192.168.129.33/test/asda
nothing
[root@localhost ~]# curl http://192.168.129.33/testasda
nothing

Search order and priority: from high to low

  1. An exact match with = is preferred
  2. Regular expressions follow the order in which they are defined in the configuration file
  3. With the ^~ modifier, if the beginning of the URI matches
  4. With the ~ or ~* modifier, if the regular expression matches the URI
  5. Prefix match without a modifier

The priority order is as follows:

( location = route ) --> ( location ^~ route ) --> ( location ~ regular ) --> ( location ~* regular ) --> ( locatio
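
The selection order can be modelled in a few lines, which helps when auditing whether a location that carries allow/deny rules is shadowed by a regular-expression location. This is an added example, not code from the original post; it approximates nginx's PCRE matching with Python's re module, and the "^~ /static/" and "\.php$" entries are hypothetical additions to the page's locations.

```python
import re

# (modifier, pattern, label) in configuration-file order. Constructed sample:
# the page's last example plus two hypothetical entries (^~ /static/, \.php$).
LOCATIONS = [
    ("", "/", "root"),
    ("", "/test", "nothing"),
    ("~", r"^/test$", "Case sensitive"),
    ("~*", r"^/test$", "Case insensitive"),
    ("^~", "/static/", "static"),
    ("~*", r"\.php$", "php"),
]

def select_location(uri, locations=LOCATIONS):
    """Return the label of the location nginx would choose for uri."""
    path = uri.split("?", 1)[0]          # the query string is not matched
    # 1. An exact (=) match wins immediately.
    for mod, pat, label in locations:
        if mod == "=" and path == pat:
            return label
    # 2. Remember the longest matching prefix location ("" or "^~").
    best = None
    for mod, pat, label in locations:
        if mod in ("", "^~") and path.startswith(pat):
            if best is None or len(pat) > len(best[1]):
                best = (mod, pat, label)
    # 3. A "^~" longest prefix suppresses the regular-expression search.
    if best and best[0] == "^~":
        return best[2]
    # 4. Regular expressions are tried in file order; the first match wins.
    for mod, pat, label in locations:
        if mod in ("~", "~*"):
            flags = re.IGNORECASE if mod == "~*" else 0
            if re.search(pat, path, flags):
                return label
    # 5. Otherwise fall back to the remembered longest prefix.
    return best[2] if best else None

if __name__ == "__main__":
    for uri in ("/test", "/tesT", "/test/", "/test/x.php", "/static/x.php"):
        print(uri, "->", select_location(uri))
```

Note that /test/x.php is handled by the regular-expression location rather than by location /test, so any allow/deny rules placed only in location /test would not apply to it.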

access control

Used in a location block:
allow: sets which host or hosts are allowed to access; put each entry on its own line
deny: sets which host or hosts are forbidden to access; put each entry on its own line
Example:

allow 192.168.1.1/32 ;
allow 192.168.2.1/32 ;
deny all;

Example:

[root@localhost ~]# mkdir /usr/local/nginx/html/test -p
[root@localhost ~]# cat > /usr/local/nginx/html/test/index.html <<EOF
<html>
<head>
<title>test page</title>
</head>
<body>
<a href="http://www.baidu.com">baidu</a>
</body>
</html>
EOF

[root@localhost ~]# nginx -s reload
[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf
......
        location / {
            root   html;
            index  index.html index.htm;
        }
        location /test {
            deny   192.168.129.1;	# Blacklist (anyone except yourself can access it)
            root   html;
            index  index.html;
        }
.....
[root@localhost ~]# curl http://192.168.129.33/test/index.html
<html>
<head>
<title>test page</title>
</head>
<body>
<a href="http://www.baidu.com">baidu</a>
</body>
</html>

[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf
......
        location / {
            root   html;
            index  index.html index.htm;
        }
        location /test {
            allow  192.168.129.1;		# Whitelist (no one except yourself can access it)
            deny   all;
            root   html;
            index  index.html;
        }
.....
[root@localhost ~]# curl http://192.168.129.33/test/index.html
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.21.3</center>
</body>
</html>
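
How nginx evaluates these rules can be reproduced offline: allow and deny are checked in the order written, and the first rule that matches the client address decides. The following is an added example, not from the original post; parse_rules and decide are hypothetical helper names, only IP/CIDR values and "all" are handled, and the MISORDERED rule set is constructed to show the ordering pitfall.

```python
import ipaddress

# Rule sets taken from the page's two examples, plus one constructed variant.
BLACKLIST = "deny   192.168.129.1;   # blacklist"
WHITELIST = "allow  192.168.129.1;\ndeny   all;"
MISORDERED = "deny   all;\nallow  192.168.129.1;"   # constructed: wrong order

def parse_rules(conf_text):
    """Parse 'allow X;' / 'deny X;' lines into (action, network-or-None) pairs."""
    rules = []
    for line in conf_text.splitlines():
        # Drop comments, surrounding whitespace and the trailing semicolon.
        line = line.split("#", 1)[0].strip().rstrip(";").strip()
        parts = line.split()
        if len(parts) == 2 and parts[0] in ("allow", "deny"):
            # None stands for "all"; a bare address becomes a /32 (or /128).
            net = None if parts[1] == "all" else ipaddress.ip_network(parts[1], strict=False)
            rules.append((parts[0], net))
    return rules

def decide(rules, client_ip):
    """Check rules in order; the first one that matches the client decides."""
    addr = ipaddress.ip_address(client_ip)
    for action, net in rules:
        if net is None or addr in net:
            return action
    return "allow"   # no rule matched: the access module does not block

if __name__ == "__main__":
    for name, text in (("blacklist", BLACKLIST), ("whitelist", WHITELIST),
                       ("misordered", MISORDERED)):
        rules = parse_rules(text)
        for ip in ("192.168.129.1", "192.168.129.33"):
            print(name, ip, "->", decide(rules, ip))
```

With MISORDERED, "deny all" matches first, so even 192.168.129.1 is refused; a whitelist must list its allow lines before the final deny all.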

Keywords: Nginx

Added by adamata on Fri, 29 Oct 2021 16:02:12 +0300