1.三个参数
a)$http_referer:记录此次请求是从哪个链接访问过来的:
是直接访问,还是从其他网站跳转过来的.
例如:访问:http://www.etiantian.com/,其页面首页是index.html
<h1>www-10.0.0.8:80</h1>
<a href="www.qingfeng.com" target="_blank"><img src="123.jpg""></a>
点击a标签,在www.qingfeng.com(10.0.0.7)上观察日志,可得:此次请求是从www.etiantian.com而来.
- 10.0.0.1 - - [25/Dec/2018:03:44:43 +0800] GET / HTTP/1.1200 16 http://www.etiantian.com/
"Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0"
b)$http_x_forwarded_for和$remote_addr
nginx作为web服务器,想要记录客户端真实IP,需要在自身配置文件中设置此参数:
$http_x_forwarded_for,同时也必须在前端代理服务器的配置文件中添加:
proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
日志格式中添加$http_x_forwarded_for $remote_addr,如: log_format main '$http_x_forwarded_for $remote_addr $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_cookie" $host $request_time';
此时web服务器的日志中$http_x_forwarded_for就是客户端真实IP,$remote_addr是代理服务器IP,
而代理服务器上的$http_x_forwarded_for为空,$remote_addr为客户端IP,所以可得:
$remote_addr是直接访问服务器的IP.
2.nginx日志切割
mkdir /server/scripts cat /server/scripts/cut_nginx_log.sh #!/bin/bash cd /application/nginx/logs/ /bin/mv www_access.log www_access_$(date +%F).log # 让进程释放日志文件 /application/nginx/sbin/nginx -s reload crontab -e 59 23 * * * /bin/sh /server/scripts/cut_nginx_log.sh
3.location匹配规则
语法规则:location [=|~|~*|^~] /uri/ { … },优先级:
第一名:"location =/{...}" 精确匹配/
第二名:"location ^~ /images/{...}" 匹配常规字符串,不做正则匹配检查
第三名:"location ~*\.(gif|jpg|jpeg)${...}" 正则匹配
第四名:"location /document/{...}" 匹配常规字符串,如果有正则就优先匹配正则
第五名:"location /{...}" 所有location都不能匹配后的默认匹配
cat www.conf server { listen 80; server_name www.etiantian.com etiantian.com; access_log logs/www_access.log main; location / { return 401; } location = / { return 402; } location /document/ { return 403; } location ^~ /images/ { return 404; } location ~* \.(gif|jpg|jpeg)$ { return 500; } } # = 等号--优先级最高 curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.com 402 # / 通用匹配--任何请求都会匹配到 curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.com/index.html 401 # 下面的例子说明了--优先匹配正则这一规则 curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.com/document/1.jpg 500 curl -s -o /dev/null -I -w "%{http_code}\n" http://www.etiantian.com/document/index.html 403