淘宝:tengine与nginx安装一样。
nginx安装及tomcat配置:http://www.cnblogs.com/huangjingzhou/articles/2153405.html
相关配置解释: 来源:http://www.oschina.net/code/snippet_12_175
user nobody; worker_processes 2; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { use epoll; worker_connections 4096; } http { include mime.types; default_type application/octet-stream; server_tokens off; sendfile on; #tcp_nopush on; keepalive_timeout 65; limit_conn_zone $binary_remote_addr zone=perip:10m; #访问连接数数量控制 include gzip.conf; server { listen 80; server_name localhost; location / { #禁止ip访问 deny all; } location ~ ^/NginxStatus { #开启nginx运行状态 stub_status on; access_log off; allow 127.0.0.1; #允许指定ip访问 allow 219.136.242.37; allow 192.168.2.0/24; deny all; } } server { listen 80; server_name www.oschina.net m.oschina.net my.oschina.net; log_format oschina_log '$remote_addr - $remote_user [$time_local] $request ' '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log logs/oschina.log; location ~ ^/NginxStatus { stub_status on; access_log off; auth_basic "valid-user"; #需要用户名和密码认证才能查看 auth_basic_user_file /opt/ngx/conf/oschina_pw; #认证地址 } location ~ ^/mrtg { auth_basic "valid-user"; auth_basic_user_file /opt/ngx/conf/oschina_pw; access_log off; root /opt/mrtg; } location ~ ^/awstats/ { root /data/oschina/webapp; access_log off; error_log off; auth_basic "valid-user"; auth_basic_user_file /opt/ngx/conf/oschina_pw; } location ~ ^/(WEB-INF)/ { #禁止访问 deny all; } location ~ ^/uploads/ { #防盗链设置 root /data/oschina/webapp; expires 24h; valid_referers none blocked *.google.com *.qq.com *.oschina.net *.csdn.net *.gzv8.com; if ($invalid_referer){ rewrite ^/ http://www.oschina.net/img/logo.gif; } } location ~ \.(htm|html|gif|jpg|jpeg|png|ico|rar|css|js|zip|txt|flv|swf|doc|ppt|xls|pdf)$ { #区分大小写匹配后缀 root /data/oschina/webapp; #资料文件存方路径 access_log off; expires 24h; } location / { #地址跳转 proxy_pass http://localhost:9081; include proxy.conf; } error_page 502 503 /502.html; #错误页 error_page 404 /404.html; error_page 403 /403.html; } }
如何封杀IP?
1.新建个配置文件:deny_block_ip.conf
#拒绝单个ip #deny 192.168.1.15; #允许某个ip # allow 192.168.1.15; #拒绝所有 # deny all; #允许所有 # allow all; #拒绝某个区间 #deny 192.168.1.0/25;
根据需求,写入相应的ip策略.
2.deny_block_ip.conf 加入到nginx.conf
include deny_block_ip.conf;
3.重启nginx
/usr/local/nginx/sbin/nginx -s reload
nginx如何对请求的次数进行控制?
http://storysky.blog.51cto.com/628458/642970/
http://andrewyu.blog.51cto.com/1604432/595778
请求策略正则解释
http://www.blogjava.net/chenlb/archive/2010/02/03/311772.html
相关操作:
检查修改的配置是否正确:/usr/local/nginx/sbin/nginx -t
下面表示配置正确:
the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok the configuration file /usr/local/nginx/conf/nginx.conf was tested successfully
重新加载配置:
kill -HUP `cat /usr/local/nginx/nginx.pid`
或者重新启动:
/usr/local/nginx/sbin/nginx -s reload