nginx + php + https 配置用例
来源:互联网 发布:沈阳淘车网络骗局 编辑:程序博客网 时间:2024/05/22 18:56
# 启动服务的用户和组
user lighttpd lighttpd;
# 开多少进程
worker_processes 2;
# 错误日志
error_log /data/log/nginx/nginx_error/nginx_error.log crit;
# pid
pid /var/run/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 51200;
}
http
{
# 开两 php-cgi 服务,端口连接方式速度快,socket方式稳定
# 使用 lighttpd 的 spawn-fcgi 起的fast-cgi
# weight 是设置权重
upstream phpfastcgi {
server unix:/tmp/php-fastcgi0.sock weight=1;
server unix:/tmp/php-fastcgi1.sock weight=1;
# server 127.0.0.1:8000 weight=1;
# server 127.0.0.1:8001 weight=1;
}
# mime 类型 和 默认 header-type
include mime.types;
default_type application/octet-stream;
# 默认 header-charset
charset utf-8;
# 一些限制
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
# sendfile 应该是 lighttpd 的 sendfile 是一个意思
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
# fastcgi 配置
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
# 开启gzip
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
# 定义日志格式
log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
# 定义一个虚拟机
server
{
# 监听端口
listen 80;
# 虚拟机名
server_name klpt-test.domain.com;
# 如打开的是一个目录,默认的搜索文件的顺序
index index.html index.htm index.php;
# 虚拟机指向的路径
root /data/www/klpt-test.domain.com/webroot;
# 如果访问的路径不存在,那么rewrite给根目录的 index.php,路径以参数url来传递
location / {
index index.html index.php;
if (-f $request_filename) {
break;
}
if (!-f $request_filename) {
rewrite ^/(.+)$ /index.php?url=$1 last;
break;
}
}
# 配置PHP
location ~ \.php$ {
fastcgi_pass phpfastcgi;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www/klpt-test.domain.com/webroot$fastcgi_script_name;
include fastcgi_params;
}
# 图片缓存 30 天
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d;
}
# js 和 css 缓存 1 小时
location ~ .*\.(js|css)$ {
expires 1h;
}
}
server
{
# 定义的虚拟机监听端口是 443
listen 443;
server_name klpt.domain.com;
index index.html index.htm index.php;
root /data/www/klpt.domain.com/webroot;
# 开启 ssl 服务
# 命令 openssl req -new -x509 -nodes -out klpt-sqladmin.crt -keyout klpt-sqladmin.key
ssl on;
ssl_certificate /data/etc/nginx7/conf/klpt-sqladmin.crt;
ssl_certificate_key /data/etc/nginx7/conf/klpt-sqladmin.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
#limit_conn crawler 20;
# 如果访问的路径不存在,那么rewrite给根目录的 index.php,路径以参数url来传递
location / {
index index.html index.php;
if (-f $request_filename) {
break;
}
if (!-f $request_filename) {
rewrite ^/(.+)$ /index.php?url=$1 last;
break;
}
}
# php config
location ~ \.php$ {
fastcgi_pass phpfastcgi;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www/klpt.domain.com/webroot$fastcgi_script_name;
# 开启 https ,需要此配置
fastcgi_param HTTPS on;
include fastcgi_params;
}
# 将静态文件缓存 30 天
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|js|css)$ {
expires 30d;
}
# log
access_log /data/log/nginx/nginx_access/nginx_klpt_access.log access;
}
# 静态服
server
{
listen 80;
server_name klpt-static.domain.com;
index index.html index.htm;
root /data/www/klpt-static.domain.com;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|js|css)$ {
expires 30d;
}
}
server
{
listen 443;
server_name klpt-sqladmin.domain.com;
index index.html index.htm index.php;
root /data/www/klpt-sqladmin.domain.com;
ssl on;
ssl_certificate /data/etc/nginx7/conf/klpt-sqladmin.crt;
ssl_certificate_key /data/etc/nginx7/conf/klpt-sqladmin.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location ~ \.php$ {
fastcgi_pass phpfastcgi;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www/klpt-sqladmin.domain.com$fastcgi_script_name;
# 开启 https ,需要此配置
fastcgi_param HTTPS on;
include fastcgi_params;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|js|css)$ {
expires 30d;
}
access_log /data/log/nginx/nginx_access/nginx_sqladmin_access.log access;
}
}
user lighttpd lighttpd;
# 开多少进程
worker_processes 2;
# 错误日志
error_log /data/log/nginx/nginx_error/nginx_error.log crit;
# pid
pid /var/run/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 51200;
}
http
{
# 开两 php-cgi 服务,端口连接方式速度快,socket方式稳定
# 使用 lighttpd 的 spawn-fcgi 起的fast-cgi
# weight 是设置权重
upstream phpfastcgi {
server unix:/tmp/php-fastcgi0.sock weight=1;
server unix:/tmp/php-fastcgi1.sock weight=1;
# server 127.0.0.1:8000 weight=1;
# server 127.0.0.1:8001 weight=1;
}
# mime 类型 和 默认 header-type
include mime.types;
default_type application/octet-stream;
# 默认 header-charset
charset utf-8;
# 一些限制
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;
# sendfile 应该是 lighttpd 的 sendfile 是一个意思
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
# fastcgi 配置
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
# 开启gzip
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
# 定义日志格式
log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
# 定义一个虚拟机
server
{
# 监听端口
listen 80;
# 虚拟机名
server_name klpt-test.domain.com;
# 如打开的是一个目录,默认的搜索文件的顺序
index index.html index.htm index.php;
# 虚拟机指向的路径
root /data/www/klpt-test.domain.com/webroot;
# 如果访问的路径不存在,那么rewrite给根目录的 index.php,路径以参数url来传递
location / {
index index.html index.php;
if (-f $request_filename) {
break;
}
if (!-f $request_filename) {
rewrite ^/(.+)$ /index.php?url=$1 last;
break;
}
}
# 配置PHP
location ~ \.php$ {
fastcgi_pass phpfastcgi;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www/klpt-test.domain.com/webroot$fastcgi_script_name;
include fastcgi_params;
}
# 图片缓存 30 天
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d;
}
# js 和 css 缓存 1 小时
location ~ .*\.(js|css)$ {
expires 1h;
}
}
server
{
# 定义的虚拟机监听端口是 443
listen 443;
server_name klpt.domain.com;
index index.html index.htm index.php;
root /data/www/klpt.domain.com/webroot;
# 开启 ssl 服务
# 命令 openssl req -new -x509 -nodes -out klpt-sqladmin.crt -keyout klpt-sqladmin.key
ssl on;
ssl_certificate /data/etc/nginx7/conf/klpt-sqladmin.crt;
ssl_certificate_key /data/etc/nginx7/conf/klpt-sqladmin.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
#limit_conn crawler 20;
# 如果访问的路径不存在,那么rewrite给根目录的 index.php,路径以参数url来传递
location / {
index index.html index.php;
if (-f $request_filename) {
break;
}
if (!-f $request_filename) {
rewrite ^/(.+)$ /index.php?url=$1 last;
break;
}
}
# php config
location ~ \.php$ {
fastcgi_pass phpfastcgi;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www/klpt.domain.com/webroot$fastcgi_script_name;
# 开启 https ,需要此配置
fastcgi_param HTTPS on;
include fastcgi_params;
}
# 将静态文件缓存 30 天
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|js|css)$ {
expires 30d;
}
# log
access_log /data/log/nginx/nginx_access/nginx_klpt_access.log access;
}
# 静态服
server
{
listen 80;
server_name klpt-static.domain.com;
index index.html index.htm;
root /data/www/klpt-static.domain.com;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|js|css)$ {
expires 30d;
}
}
server
{
listen 443;
server_name klpt-sqladmin.domain.com;
index index.html index.htm index.php;
root /data/www/klpt-sqladmin.domain.com;
ssl on;
ssl_certificate /data/etc/nginx7/conf/klpt-sqladmin.crt;
ssl_certificate_key /data/etc/nginx7/conf/klpt-sqladmin.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location ~ \.php$ {
fastcgi_pass phpfastcgi;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www/klpt-sqladmin.domain.com$fastcgi_script_name;
# 开启 https ,需要此配置
fastcgi_param HTTPS on;
include fastcgi_params;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|js|css)$ {
expires 30d;
}
access_log /data/log/nginx/nginx_access/nginx_sqladmin_access.log access;
}
}
- nginx + php + https 配置用例
- nginx + php + https 配置用例
- nginx + php + https 配置用例
- nginx + php + https 配置用例
- Nginx+php+http/https服务器配置
- 给nginx配置https服务器并反向代理php
- nginx配置https之兼容php文件以及ThinkPHP
- 用Nginx配置https加密站点
- Nginx(12):nginx配置https
- nginx 配置https server
- nginx 配置https
- Nginx 配置 https 加密
- Nginx配置https服务器
- Ubuntu nginx 配置https
- nginx https配置
- nginx配置https
- nginx 配置https
- nginx 配置HTTPS服务器
- 轻量级调试器神器 - mimikatz
- [Linux驱动开发] USB驱动之usb_skel分析
- 根据SDH规范,一个2.5G可以承载多少个2M
- c++中virtual inheritance详解
- 给apk添加root权限
- nginx + php + https 配置用例
- Fckeditor漏洞利用总结
- CRC32 逆向算法的C语言实现
- 学破解 <一> PE格式之MS-DOS MZ header
- stl string常用函数
- 千呼万唤 HTML 5 (5) - 元素的通用属性
- nginx rewrite 参数和例子
- 函数指针
- 深入浅出linux内核源代码之双向链表list_head(上)
