1. 支持目录索引:
    location / {
     autoindex on;
     autoindex_localtime on;
    }
  2. 支持php:
    location ~ \.php$ {
     fastcgi_pass 127.0.0.1:9000;
     fastcgi_index index.php;
     fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
     include fastcgi_params;
    }
  3. 开启pathinfo:
    location ~ \.php(.*)$ {
     fastcgi_pass 127.0.0.1:9000;
     fastcgi_index index.php;
     fastcgi_param PATH_INFO $1;
     fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
     include fastcgi_params;
    }
  4. 解决跨域:
    location / {
     add_header 'Access-Control-Allow-Origin' '*';
    }
  5. rewirte功能:
    location / {
     if (!-f $request_filename) {
         rewrite /(.*)$ /index.php/$1;
     }
     if (!-d $request_filename) {
         rewrite /(.*)$ /index.php/$1;
     }
    }
    if (!-e $request_filename) {
     rewrite  ^(.*)$  /index.php?s=/$1  last;
     break;
    }
  6. 配置虚拟主机:
    server {
     listen 80;
     server_name www.test.com test.com;
     location / {
         root /usr/local/nginx/html/test;
         index index.php;
     }
    }
  7. 防盗链:
    location ~ .*\.(gif|jpg|jpeg|bmp|png)$ {
     valid_referer *.test.com;
     if ($invalid_referer) {
         rewrite ^/ http://www.test.com/404.png;
     }
    }
  8. 动静分离:
    location ~* ^.+.(js|css|htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma)$ {
     #  静态站点
    }
    location ~* ^.+.(?![js|css|htm|html|gif|jpg|jpeg|png|bmp|swf|ioc|rar|zip|txt|flv|mid|doc|ppt|pdf|xls|mp3|wma])$ {
     #  动态站点
    }
  9. 反向代理:
    server {
     listen       80;
     server_name  doc.job520.net;
     location / {
         proxy_pass http://127.0.0.1:8080;
     }
    }
  10. 代理websocket:
    upstream test_websocket_proxy {
    server xx.xx.xx.xx:xx;
    server xx.xx.xx.xx:xx;
    }
    ...
    proxy_pass http://test_websocket_proxy;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $host;
  11. 支持react-router:
    try_files $uri /index.html;
  12. 使用gzip压缩:
    gzip on;
    gzip_min_length 1k;
    gzip_comp_level 2;
    gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png font/ttf font/otf image/svg+xml;
    gzip_vary on;
    gzip_disable "MSIE [1-6]\.";
    location ~* ^.+\.(ico|gif|jpg|jpeg|png)$ { 
    access_log   off; 
    expires      1h;
    }
    location ~* ^.+\.(css|js|txt|xml|swf|wav)$ {
    access_log   off;
    expires      1h;
    }
    location ~* ^.+\.(html|htm)$ {
    expires      1h;
    }
    location ~* ^.+\.(eot|ttf|otf|woff|svg)$ {
    access_log   off;
    expires max;
    }
  13. 白名单设置:
    allow  xx.xx.xx.xx/xx;
    deny  all;
  14. 限制上传文件大小:
    client_max_body_size 8M;
    client_body_buffer_size 128k;
  15. 防止跨目录(限制php只能在指定目录下运行):
    fastcgi_param PHP_VALUE "open_basedir=$document_root";
  16. 限制同一用户请求频率:
    http{
    #定义一个名为allips的limit_req_zone用来存储session,大小是10M内存,每秒的请求为20个
    limit_req_zone $binary_remote_addr zone=allips:10m rate=20r/s;
    server{
        location / {
            limit_req zone=allips burst=5 nodelay;
        }
    }
    }
  17. ssl证书相关:
    server {
        listen 80;
        server_name job520.net www.job520.net;
        return 301 https://www.job520.net$request_uri;
    }
    server {
        listen       443 ssl;
        server_name  www.job520.net;
        ssl_certificate 2479286_www.job520.net.pem;
        ssl_certificate_key 2479286_www.job520.net.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
        ssl_prefer_server_ciphers on;
        location / {
            root   html/www;
            index  index.php index.html index.htm;
        }
        location ~ \.php$ {
            root html/www;
            fastcgi_pass    127.0.0.1:9000;
            fastcgi_index   index.php;
            fastcgi_param  SCRIPT_FILENAME  /usr/local/nginx/html/www/$fastcgi_script_name;
            include        fastcgi_params;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
  18. 直播相关:
    1. 配置:
      rtmp {                #RTMP服务
      server {
       listen 1935;  #//服务端口
       chunk_size 4096;   #//数据传输块的大小
       application vod {  # 点播
           play /opt/video/vod; #//视频文件存放位置。
       }
       application live {  # 直播+回播
           live on;
           hls on; #这个参数把直播服务器改造成实时回放服务器。
           wait_key on; #对视频切片进行保护,这样就不会产生马赛克了。
           hls_path /opt/video/hls; #切片视频文件存放位置。
           hls_fragment 10s;     #每个视频切片的时长。
           hls_playlist_length 60s;  #总共可以回看的事件,这里设置的是1分钟。
           hls_continuous on; #连续模式。
           hls_cleanup on;    #对多余的切片进行删除。
           hls_nested on;     #嵌套模式。
           on_publish http://path/to/access.php  # 将访问控制权限移交给 php 文件进行处理
       }
      }
      }
      http {
      server {
       listen       80;
       server_name  www.rtmp.com;
       root         /usr/local/nginx/html/rtmp;
       location / {     #第二处添加的location字段。
           rtmp_stat all;
           rtmp_stat_stylesheet stat.xsl;
       }
       location /stat.xsl { #第二处添加的location字段。
           root /etc/nginx-rtmp-module/;
       }
       location /live {  #这里也是需要添加的字段。
           types {
               application/vnd.apple.mpegurl m3u8;
               video/mp2t ts;
           }
           alias /opt/video/hls;
           expires -1;
           add_header Cache-Control no-cache;
       }
      }
      }
    2. 访问地址:
      1. 点播:
        rtmp://www.rtmp.com/vod/video-name
      2. 直播:
        rtmp://www.rtmp.com/live
      3. 回播:
        http://www.rtmp.com/live/stream-name
文档更新时间: 2020-08-07 18:49   作者:lee