nginx生产环境配置
本帖最后由 zhangkai 于 2022-9-7 09:45 编辑user nginx nginx;
worker_processes8;
worker_rlimit_nofile 65535;
error_log /var/log/nginx/error.log error;
pid logs/nginx.pid;
events {
use epoll;
worker_connections65535;
multi_accept on;
}
http {
include mime.types;
default_typeapplication/octet-stream;
#log_formatmain'$remote_addr - $remote_user [$time_local] "$request" ' 定义日志内容格式
#'$status $body_bytes_sent "$http_referer" '
#'"$http_user_agent" "$http_x_forwarded_for"';
access_log/var/log/nginx/access.logmain;
log_formatmain'$remote_addr|$time_local|$request|$status|$body_bytes_sent|$bytes_sent|$http_referer|$http_user_agent|$request_time|$upstream_addr|$upstream_response_time|$upstream_status';
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_requests 8192;
keepalive_timeout 300s 300s;
send_timeout 70s;
gzip on;
gzip_disable "msie6";
gzip_proxied any;
gzip_min_length 1k;
gzip_comp_level 6;
gzip_typestext/plain text/css text/xml text/javascriptapplication/json application/x-javascript application/xml application/xml+rss;
gzip_vary on;
upstream webgis.aidriving.com {
#server 172.1822.197.89:8601 weight=1 max_fails=3 down;
server 172.1228.197.93:9093 weight=2 max_fails=2 fail_timeout=2s;
server 172.1228.197.84:8080 weight=1 max_fails=2 fail_timeout=2s;
keepalive 768;
}
upstream deviceLogError {
server 172.18.197.90:19221;
}
#配置代理参数
#proxy_redirect off;
#proxy_set_header Host $host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $http_x_forwarded_for;
client_max_body_size 20m;
client_body_buffer_size 10m;
proxy_connect_timeout 60;
proxy_send_timeout 600;
proxy_read_timeout 600;
#新增
proxy_buffer_size 64k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
#防止非法域名跳转到后台
#server{
#listen 80 default_server;
#server_name _ ;
#location / {
#return 404;
#}
#error_page404 403 400 /connection.html;
#error_page 500 502 503 504/connection.html;
#location = /connection.html {
#root html;
#}
#}
server {
listen 80;
server_namewebgis.aidriving.com iov.sccs-info.com zm-tech-wxjs.3322.org adas.gpscx.com aimonitoring.rybsj.cn 39.108.81.202;
charset UTF-8;
access_loglogs/host.access.logmain;
location / {
#ndexindex.jsp;
proxy_pass http://xxxx;
#proxy_http_version 1.1;
#proxy_set_header Connection "";
#add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept";
#add_header Access-Control-Allow-Origin *;
#add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
#add_header Access-Control-Allow-Credentials true;
}
location ~ .*\.(css|js|png|bmp|gif|mp3|wma|mp4|swf)$ {
root html;
if (-f $request_filename){
expires 1d;
break;
}
}
#设备写日志
location ~* /deviceLogError/
{
proxy_pass http://deviceLogError;
}
#后台防止爬虫
location ~* /proxy/
{
proxy_pass http://120.78.185.165:8080;
}
# if ($http_user_agent ~* "Robot|bingbot|qihoobot|Baiduspider|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|YisouSpider|MSNBot|ia_archiver|Tomato Bot|MJ12bot|DotBot|JikeSpider|YandexBot|AhrefsBot|Wget|SafeDNSBot|SemrushBot") {
# return 404;
# }
#屏蔽特定的方法,除了get,post,head之外
#if ($request_method !~ ^(GET|POST|HEAD)$ ) {
# return 405;
#}
location ^~ /openApi {
proxy_pass http://172.18.5.108:8080;
}
location ^~/appImage
expires 30d;
}
#禁止非法访问脚本
location ~* \.(sh|php|php5|bat|bash|conf|cnf|bak|save|sql|mdb|svn|git|old)$ {
return 404;
}
#屏蔽几个目录和字段
location ~* /(tmp|manager)/
{
deny all;
}
error_page404 /error.html;
error_page 500 502 503 504/error.html;
location = /error.html {
root html;
}
}
include /data/nginx/conf/conf.d/*.conf;
cat
}
页:
[1]