本文索引:
- 配置nginx虚拟主机
- nginx用户认证
- 针对目录
- 针对文件
- 域名重定向
配置nginx虚拟主机
修改nginx主配置文件
[root@localhost nginx-1.12.2]# vim /usr/local/nginx/conf/nginx.conf
删除原有的server语句块,替换为下面的代码
include vhost/*.conf;
创建并修改虚拟主机配置文件(默认虚拟主机)
[root@localhost nginx-1.12.2]# cd /usr/local/nginx/conf [root@localhost conf]# mkdir vhost [root@localhost conf]# cd vhost/ [root@localhost vhost]# vim aaa.com.conf server { # 指定监听80端口,并将该虚拟主机设置为默认虚拟主机 listen 80 default_server; # 设置服务器的名称 server_name aaa.com; # 设置服务器默认网页 index index.html index.htm index.php; # 设置服务器的根目录 root /data/www/default; }
创建默认虚拟主机的根目录及默认页面
[root@localhost vhost]# mkdir -p /data/www/default [root@localhost vhost]# cd /data/www/default/
[root@localhost default]# vim index.html aaa.com
检测代码并重启服务
[root@localhost default]# /usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful [root@localhost default]# /usr/local/nginx/sbin/nginx -s reload
效果测试
[root@localhost default]# curl -x 127.0.0.1:80 aaa.com aaa.com
由于是默认的虚拟主机,任何域名都可以显示默认网页信息
[root@localhost default]# curl -x 127.0.0.1:80 bbb.com aaa.com
nginx用户认证
nginx中一个虚拟主机对于一个配置文件
创建新的虚拟主机配置文件
[root@localhost default]# vim /usr/local/nginx/conf/vhost/test.com.conf server { # 这个不是默认虚拟主机,default_server不需要配置 listen 80; server_name test.com; index index.html index.htm index.php; root /data/www/test.com; # 添加下列代码 location / { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; } }
创建test.com相关目录和文件
[root@localhost default]# mkdir /data/www/test.com [root@localhost default]# vim /data/www/test.com/index.html test.com
创建密码文件 由于用户认证密码文件需要使用apache的htpasswd命令生成,安装httpd,并创建用户
[root@localhost default]# yum install -y httpd [root@localhost default]# htpasswd -c /usr/local/nginx/conf/htpasswd test New password: Re-type new password: Adding password for user test
重启服务
[root@localhost default]# /usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful [root@localhost default]# /usr/local/nginx/sbin/nginx -s reload
测试效果
普通访问
[root@localhost default]# curl -x 127.0.0.1:80 test.com -I HTTP/1.1 401 Unauthorized Server: nginx/1.12.2 Date: Sun, 31 Dec 2017 06:55:24 GMT Content-Type: text/html Content-Length: 195 Connection: keep-alive WWW-Authenticate: Basic realm="Auth"
指定用户访问
[root@localhost default]# curl -x 127.0.0.1:80 -utest:1 test.com -I HTTP/1.1 200 OK Server: nginx/1.12.2 Date: Sun, 31 Dec 2017 06:55:33 GMT Content-Type: text/html Content-Length: 8 Last-Modified: Sun, 31 Dec 2017 06:17:09 GMT Connection: keep-alive ETag: "5a4880e5-8" Accept-Ranges: bytes [root@localhost default]# curl -x 127.0.0.1:80 -utest:1 test.com test.com
针对虚拟主机下的某个目录进行认证
修改代码 针对某个目录进行的认证,只需对上述的代码进行简单修改即可;
[root@localhost default]# vim /usr/local/nginx/conf/vhost/test.com.conf server { listen 80; server_name test.com; index index.html index.htm index.php; root /data/www/test.com; # 修改location即可,其他都不变 location /admin/ { auth_basic "Auth"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; } }
重启服务
[root@localhost default]# /usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful [root@localhost default]# /usr/local/nginx/sbin/nginx -s reload
验证
test.com可以访问
[root@localhost default]# curl -x 127.0.0.1:80 test.com test.com
test.com下的admin目录需要用户认证
[root@localhost default]# curl -x 127.0.0.1:80 test.com/admin/
401 Authorization Required 401 Authorization Required
nginx/1.12.2
针对虚拟主机下的某个文件(访问的URL)进行认证
*( 修改虚拟主机配置文件(使用~匹配文件)
[root@localhost default]# vim /usr/local/nginx/conf/vhost/test.com.conf
server
{
listen 80;
server_name test.com;
index index.html index.htm index.php;
root /data/www/test.com;
# 修改location即可,其他都不变,这里匹配admin.php只是对简单的表示
# 可以使用更复杂的正则来显示精准的文件认证
location ~ admin.php
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
}
重启服务
[root@localhost default]# /usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful [root@localhost default]# /usr/local/nginx/sbin/nginx -s reload
验证
[root@localhost default]# curl -x 127.0.0.1:80 test.com/admin.php
401 Authorization Required 401 Authorization Required
nginx/1.12.2
域名重定向
修改虚拟主机配置文件
[root@localhost default]# vim /usr/local/nginx/conf/vhost/test.com.conf server { listen 80; # nginx可以配置多个主机名,apache只能使用ServerAlias来指定别名 server_name test.com test2.com; index index.html index.htm index.php; root /data/www/test.com; # 在多个域名 # 判断host是否为test.com if ($host != 'test.com') { rewrite ^/(.*)$ http://test.com/$1 permanent; } }
重启服务
[root@localhost default]# /usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful [root@localhost default]# /usr/local/nginx/sbin/nginx -s reload
验证
[root@localhost default]# curl -x 127.0.0.1:80 test2.com/index.html
301 Moved Permanently 301 Moved Permanently
nginx/1.12.2 [root@localhost default]# curl -x 127.0.0.1:80 test2.com/admin/index.html301 Moved Permanently 301 Moved Permanently
nginx/1.12.2 [root@localhost default]# curl -x 127.0.0.1:80 test3.com/index.html aaa.com