实验·搭建nginx网站
实验环境
CentOS 7.6
nginx源码包 nginx-1.12.2.tar
实验步骤===>开启nginx统计模块并可以正常访问
#创建用户nginx
[root@localhost opt]# useradd -M -s /sbin/nologin nginx
#安装环境
[root@localhost opt]# yum -y install gcc gcc-c++ pcre pcre-devel zlib-devel
#解压源码包
[root@localhost opt]# tar zxvf nginx-1.12.2.tar.gz
#编译安装
[root@localhost opt]# cd nginx-1.12.2/
[root@localhost nginx-1.12.2]# ./configure \
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-http_stub_status_module
[root@localhost nginx-1.12.2]# make && make install
#建立软链接方便管理
[root@localhost nginx-1.12.2]# ln -s /usr/local/nginx/sbin/* /usr/local/sbin/
#将nginx添加为系统服务
[root@localhost nginx-1.12.2]# vim /etc/init.d/nginx
#!/bin/bash
#chkconfig:- 99 20
#description:Nginx Service Control Script
PROG="/usr/local/nginx/sbin/nginx"
PIDF="/usr/local/nginx/logs/nginx.pid"
case "$1" instart)$PROG;;stop)kill -s QUIT $(cat $PIDF);;restart)$0 stop$0 start;;reload)kill -s HUP $(cat $PIDF);;*)echo "Usage:$0{start|stop|restart|reload}"exit 1
esac
exit 0
[root@localhost nginx-1.12.2]# cd /etc/init.d/
[root@localhost init.d]# chmod +x nginx
[root@localhost init.d]# chkconfig --add nginx
#启用统计模块
[root@localhost init.d]# vim /usr/local/nginx/conf/nginx.conf
......location /status { ===>location下面添加以下统计模块stub_status on;access_log off;}
#开启nginx并验证状态
[root@localhost init.d]# service nginx start
[root@localhost init.d]# netstat -antp | grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 22659/nginx: master
实验结果
在浏览器上输入"20.0.0.10/status"
实验步骤===>基于域名访问网站
#安装DNS
[root@localhost init.d]# yum -y install bind
#修改主配置文件
[root@localhost init.d]# vim /etc/named.conf
listen-on port 53 { any; };
......
allow-query { any; };
#修改区域配置文件
[root@localhost init.d]# vim /etc/named.rfc1912.zones
zone "test.com" IN {type master;file "test.com.zone";allow-update { none; };
};
zone "bin.com" IN {type master;file "bin.com.zone";allow-update { none; };
};
#修改区域数据配置文件
[root@localhost init.d]# cd /var/named/
[root@localhost named]# cp -p named.localhost test.com.zone
[root@localhost named]# vim test.com.zone
......
www IN A 20.0.0.10 ===>正向解析
[root@localhost named]# cp -p test.com.zone bin.com.zone
实验结果
在浏览器分别输入"www.test.com"或者"www.bin.com"
实验步骤===>授权限制
#修改配置文件
[root@localhost html]# vim /usr/local/nginx/conf/nginx.conf
......server {listen 80;server_name www.test.com;location / {auth_basic "secret";auth_basic_user_file /usr/local/nginx/passwd.db;root /var/www/html/test; index index.html index.php;} } server {listen 80; server_name www.bin.com; location / {deny 20.0.0.101;allow all;root /var/www/html/bin;index index.html index.php;} }
#创建密码
[root@localhost html]# htpasswd -c /usr/local/nginx/passwd.db jerry
New password:
Re-type new password:
Adding password for user jerry
[root@localhost html]# chown nginx /usr/local/nginx/passwd.db
[root@localhost html]# chmod 400 /usr/local/nginx/passwd.db
#关闭核心防护,关闭防火墙,开启服务
[root@localhost html]# service nginx restart
[root@localhost html]# setenforce 0
[root@localhost html]# systemctl stop firewalld
[root@localhost html]# systemctl restart named
实验结果
在Win10浏览器输入"www.test.com"
在Win10浏览器输入"www.bin.com"