实验·搭建nginx网站

news/2024/5/20 13:01:09/文章来源:https://blog.csdn.net/weixin_47153668/article/details/107883303

实验·搭建nginx网站

实验环境

CentOS 7.6

nginx源码包 nginx-1.12.2.tar

实验步骤===>开启nginx统计模块并可以正常访问

#创建用户nginx

[root@localhost opt]# useradd -M -s /sbin/nologin nginx

#安装环境

[root@localhost opt]# yum -y install gcc gcc-c++ pcre pcre-devel zlib-devel

#解压源码包

[root@localhost opt]# tar zxvf nginx-1.12.2.tar.gz

#编译安装

[root@localhost opt]# cd nginx-1.12.2/
[root@localhost nginx-1.12.2]# ./configure \
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-http_stub_status_module
[root@localhost nginx-1.12.2]# make && make install

#建立软链接方便管理

[root@localhost nginx-1.12.2]# ln -s /usr/local/nginx/sbin/* /usr/local/sbin/

#将nginx添加为系统服务

[root@localhost nginx-1.12.2]# vim /etc/init.d/nginx
#!/bin/bash
#chkconfig:- 99 20
#description:Nginx Service Control Script
PROG="/usr/local/nginx/sbin/nginx"
PIDF="/usr/local/nginx/logs/nginx.pid"
case "$1" instart)$PROG;;stop)kill -s QUIT $(cat $PIDF);;restart)$0 stop$0 start;;reload)kill -s HUP $(cat $PIDF);;*)echo "Usage:$0{start|stop|restart|reload}"exit 1
esac
exit 0
[root@localhost nginx-1.12.2]# cd /etc/init.d/
[root@localhost init.d]# chmod +x nginx
[root@localhost init.d]# chkconfig --add nginx

#启用统计模块

[root@localhost init.d]# vim /usr/local/nginx/conf/nginx.conf
......location /status {							===>location下面添加以下统计模块stub_status on;access_log off;}

#开启nginx并验证状态

[root@localhost init.d]# service nginx start
[root@localhost init.d]# netstat -antp | grep nginx 
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      22659/nginx: master

实验结果

在浏览器上输入"20.0.0.10/status"

实验步骤===>基于域名访问网站

#安装DNS

[root@localhost init.d]# yum -y install bind

#修改主配置文件

[root@localhost init.d]# vim /etc/named.conf
listen-on port 53 { any; };
......
allow-query     { any; };

#修改区域配置文件

[root@localhost init.d]# vim /etc/named.rfc1912.zones 
zone "test.com" IN {type master;file "test.com.zone";allow-update { none; };
};
zone "bin.com" IN {type master;file "bin.com.zone";allow-update { none; };
};

#修改区域数据配置文件

[root@localhost init.d]# cd /var/named/
[root@localhost named]# cp -p named.localhost test.com.zone
[root@localhost named]# vim test.com.zone 
......
www     IN      A       20.0.0.10			===>正向解析
[root@localhost named]# cp -p test.com.zone bin.com.zone

实验结果

在浏览器分别输入"www.test.com"或者"www.bin.com"

实验步骤===>授权限制

#修改配置文件

[root@localhost html]# vim /usr/local/nginx/conf/nginx.conf
......server {listen 80;server_name www.test.com;location / {auth_basic "secret";auth_basic_user_file /usr/local/nginx/passwd.db;root /var/www/html/test; index index.html index.php;}        }        server {listen 80; server_name www.bin.com; location / {deny 20.0.0.101;allow all;root /var/www/html/bin;index index.html index.php;}        }

#创建密码

[root@localhost html]# htpasswd -c /usr/local/nginx/passwd.db jerry
New password: 
Re-type new password: 
Adding password for user jerry
[root@localhost html]# chown nginx /usr/local/nginx/passwd.db 
[root@localhost html]# chmod 400 /usr/local/nginx/passwd.db

#关闭核心防护,关闭防火墙,开启服务

[root@localhost html]# service nginx restart
[root@localhost html]# setenforce 0
[root@localhost html]# systemctl stop firewalld
[root@localhost html]# systemctl restart named