阿西河

所有教程

公众号
🌙
阿西河前端的公众号

我的收藏

    最近访问  (文章)

      教程列表

      抓包专区
      测试专区

      nginx.conf 设置

      刚配置 gzip 压缩的

      路径:/etc/nginx/nginx.conf 内容如下:

      user  nginx;
      worker_processes  1;
      
      error_log  /var/log/nginx/error.log warn;
      pid        /var/run/nginx.pid;
      
      
      events {
          worker_connections  1024;
      }
      
      
      http {
          include       /etc/nginx/mime.types;
          default_type  application/octet-stream;
      
          log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                            '$status $body_bytes_sent "$http_referer" '
                            '"$http_user_agent" "$http_x_forwarded_for"';
      
          access_log  /var/log/nginx/access.log  main;
      
          sendfile        on;
          #tcp_nopush     on;
      
          keepalive_timeout  65;
      
          #gzip  on;
          gzip  on;   #开启gzip
          gzip_min_length 1k; #低于1kb的资源不压缩
          gzip_comp_level 8; #压缩级别【1-9】,越大压缩率越高,同时消耗cpu资源也越多,建议设置在4左右。
          gzip_types text/plain application/javascript application/x-javascript text/javascript text/xml text/css;  #需要压缩哪些响应类型的资源,多个空格隔开。不建议压缩图片,下面会讲为什么。
          gzip_disable "MSIE [1-6]\.";  #配置禁用gzip条件,支持正则。此处表示ie6及以下不启用gzip(因为ie低版本不支持)
          gzip_vary on;  #是否添加“Vary: Accept-Encoding”响应头
      
          include /etc/nginx/conf.d/*.conf;
      }
      

      文件 /etc/nginx/conf.d/default.conf 如下

      server {
          listen       80;
          server_name  localhost;
      
          #charset koi8-r;
          #access_log  /var/log/nginx/host.access.log  main;
      
          location / {
              root   /usr/share/nginx/html;
              index  index.html index.htm;
          }
      
          #error_page  404              /404.html;
      
          # redirect server error pages to the static page /50x.html
          #
          error_page   500 502 503 504  /50x.html;
          location = /50x.html {
              root   /usr/share/nginx/html;
          }
      
          # proxy the PHP scripts to Apache listening on 127.0.0.1:80
          #
          #location ~ \.php$ {
          #    proxy_pass   http://127.0.0.1;
          #}
      
          # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
          #
          #location ~ \.php$ {
          #    root           html;
          #    fastcgi_pass   127.0.0.1:9000;
          #    fastcgi_index  index.php;
          #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
          #    include        fastcgi_params;
          #}
      
          # deny access to .htaccess files, if Apache's document root
          # concurs with nginx's one
          #
          #location ~ /\.ht {
          #    deny  all;
          #}
      }
      

      www 重定向

      www 重定向到转向不带 www:

      server {
          server_name www.axihe.com;
          return 301 $scheme://axihe.com$request_uri;
      }
      

      不带 www 重定向到带 www:

      server {
          server_name axihe.com;
          return 301 $scheme://www.axihe.com$request_uri;
      }
      

      /etc/nginx/conf.d/default.conf文件如下

      server {
          listen       80;
          server_name axihe.com;
          return 301 $scheme://www.axihe.com$request_uri;
      
          #charset koi8-r;
          #access_log  /var/log/nginx/host.access.log  main;
      
          location / {
              root   /usr/share/nginx/axihe-web/dist;
              index  index.html index.htm;
          }
      
          #error_page  404              /404.html;
      
          # redirect server error pages to the static page /50x.html
          #
          error_page   500 502 503 504  /50x.html;
          location = /50x.html {
              root   /usr/share/nginx/html;
          }
      
          # proxy the PHP scripts to Apache listening on 127.0.0.1:80
          #
          #location ~ \.php$ {
          #    proxy_pass   http://127.0.0.1;
          #}
      
          # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
          #
          #location ~ \.php$ {
          #    root           html;
          #    fastcgi_pass   127.0.0.1:9000;
          #    fastcgi_index  index.php;
          #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
          #    include        fastcgi_params;
          #}
      
          # deny access to .htaccess files, if Apache's document root
          # concurs with nginx's one
          #
          #location ~ /\.ht {
          #    deny  all;
          #}
      }
      

      /etc/nginx/conf.d/www-axihe-com文件如下

      server {
        listen       80;
        server_name www.axihe.com;
        root /usr/share/nginx/axihe-web/dist;
        index index.html;
        location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|js|pdf|txt){
          root /usr/share/nginx/axihe-web/dist;
        }
      }
      
      

      ssl setting

      server {
        listen       80;
        listen       443 ssl;      # 对 443 端口进行 SSL 加密
        server_name  www.axihe.com;
        root /usr/share/nginx/axihe-web/dist;
        index index.html;
        location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|js|pdf|txt){
          root /usr/share/nginx/axihe-web/dist;
        }
      
        # 沃通生成的 SSL 证书的存放位置
        ssl_certificate           /etc/nginx/cert/1874900_www.axihe.com.pem;
        ssl_certificate_key       /etc/nginx/cert/1874900_www.axihe.com.key;
        # 其他 SSL 相关设置
        ssl_session_timeout       10m;
        ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers               ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_prefer_server_ciphers on;
      
        # 主域名和子域名都启用 HSTS,过期时间为两年
        add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
      
        # 所有 HTTP 访问都永久重定向(301)到 HTTPS
        if ( $scheme = http ) {
          rewrite ^/(.*) https://$server_name/$1 permanent;
        }
      }
      

      增加谷歌分析

      /etc/nginx/conf.d/www-axihe-com文件如下

      server {
        listen       80;
        listen       443 ssl;      # 对 443 端口进行 SSL 加密
        server_name  www.axihe.com;
        # root /usr/share/nginx/axihe-web/dist;
        # index index.html;
      
        # google any start
        userid on;
        userid_name cid;
        userid_domain axihe.com;
        userid_path /;
        userid_expires max;
      
        location @ga {
          internal;
          resolver 8.8.8.8 [2001:4860:4860::8888];
      
          set $lang 'zh-cn';
          if ( $http_accept_language ~ en ) {
              set $lang 'en-us';
          }
      
          proxy_method GET;
          # UA-100341141-2
          proxy_pass https://ssl.google-analytics.com/collect?v=1&tid=UA-100341141-2&$uid_set$uid_got&t=pageview&dh=$host&dp=$uri&uip=$remote_addr&dr=$http_referer&z=$msec&ul=$lang;
          proxy_set_header User-Agent $http_user_agent;
          proxy_pass_request_headers off;
          proxy_pass_request_body off;
        }
        # google any end
      
        location / {
          root /usr/share/nginx/axihe-web/dist;
          index index.html;
          # 当匹配到此 location 时,这里会异步的调用 @ga
          if ($http_user_agent !~* "qihoobot|Baiduspider|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot|YiSou Spider") {
              post_action @ga;
          }
          # post_action @ga;
        }
      
        error_page  404              /404.html;
      
        # 沃通生成的 SSL 证书的存放位置
        ssl_certificate           /etc/nginx/cert/1874900_www.axihe.com.pem;
        ssl_certificate_key       /etc/nginx/cert/1874900_www.axihe.com.key;
        # 其他 SSL 相关设置
        ssl_session_timeout       10m;
        ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers               ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_prefer_server_ciphers on;
      
        # 主域名和子域名都启用 HSTS,过期时间为两年
        add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
      
        # 所有 HTTP 访问都永久重定向(301)到 HTTPS
        if ( $scheme = http ) {
          rewrite ^/(.*) https://$server_name/$1 permanent;
        }
      }
      

      2020-07

      server {
        listen       443 ssl;      # 对 443 端口进行 SSL 加密
        server_name  www.axihe.com;
        # root /usr/share/nginx/axihe-web/dist;
        # index index.html;
      
        location / {
          root /usr/share/nginx/axihe-web/dist;
          index index.html;
        }
      
        error_page  404              /404.html;
      
        # 沃通生成的 SSL 证书的存放位置
        ssl_certificate           /etc/nginx/cert/3485712_www.axihe.com.pem;
        ssl_certificate_key       /etc/nginx/cert/3485712_www.axihe.com.key;
        # 其他 SSL 相关设置
        ssl_session_timeout       10m;
        ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers               ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_prefer_server_ciphers on;
      
        # 主域名和子域名都启用
        add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
      
        # 所有 HTTP 访问都永久重定向(301)到 HTTPS
        if ( $scheme = http ) {
          rewrite ^/(.*) https://$server_name/$1 permanent;
        }
      }
      
      目录
      目录