Nginx设置
为何修改Nginx用户与组?
-
Nginx运行时进程需要有用户与组的支持,以实现对网站文件读取时进行访问控制
-
Nginx默认使用 nobody用户账号与组账号,一般也要进行修改
-
修改的方法
编译安装时指定用户与组
修改配置文件时指定用户与组
开启和关闭Nginx
[root@localhost nginx]# cd /usr/local/nginx/
[root@localhost sbin]# nginx 开启nginx
[root@localhost sbin]# killall -s QUIT nginx 关闭进程
查看端口是否开启
[root@localhost nginx]# netstat -ntap | grep 80 查看监听地址
[root@localhost nginx]# yum install -y elinks 检查
[root@localhost sbin]# elinks http://localhost 查看是否开启
安装Nginx服务
[root@localhost ~]# tar zxvf nginx-1.12.2.tar.gz
[root@localhost ~]#cd /opt
[root@localhost opt]# yum install -y gcc gcc-c++ pcre-devel zlib-devel
[root@localhost opt]# useradd -M -s /sbin/nologin nginx 创建用户,组
[root@localhost nginx-1.12.2]# ./configure \ 启动脚本
--prefix=/usr/local/nginx \ 配置安装路径
--user=nginx \ 指定用户
--group=nginx \ 指定组
--with-http_stub_status_module 开启统计模块
make && make install
[root@localhost nginx]# cd /usr/local/nginx/
[root@localhost nginx]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/ 创建软链接让系统可以识别
[root@localhost sbin]# nginx 开启nginx
开启访问状态统计
[root@localhost nginx]# vim /usr/local/nginx/conf/nginx.conf
server_name www.kgc.com;
47 location /status { 状态统计
48 stub_status on; 功能开
49 access_log off ; 访问日志关闭
50
51 }
配置named服务
[root@localhost conf]# yum -y install bind
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
allow-query { any; };
zone "kgc.com" IN {
type master;
file "kgc.com.zone";
allow-update { none; };
};
[root@localhost named]# cp -p named.localhost kgc.com.zone
[root@localhost named]# vim kgc.com.zone
www IN A 192.168.136.10
开启服务
[root@localhost nginx]# iptables -F
[root@localhost nginx]# setenforce 0
[root@localhost nginx]# systemctl stop firewalld
[root@localhost conf] systemctl restart namde
[root@localhost conf]#systemctl nginx restart
授权的访问控制
修改Ngnix配置
[root@localhost nginx]# vim /usr/local/nginx/conf/nginx.conf
43 location / {
44 auth_basic "secret";
45 auth_basic_user_file /user/local/nginx/passwd.db;
设置用户名和密码
[root@localhost nginx]# yum -y install httpd-tools
[root@localhost nginx]# htpasswd -c /usr/local/nginx/passwd.db zhang
New password:
Re-type new password:
Adding password for user zhang
[root@localhost nginx]# cd /usr/local/nginx/
[root@localhost nginx]# nginx
[root@localhost nginx]# iptables -F
[root@localhost nginx]# setenforce 0
[root@localhost nginx]# systemctl stop firewalld
[root@localhost nginx]# iptables -F
[root@localhost nginx]# setenforce 0
[root@localhost nginx]# systemctl stop firewalld
`