admin
nginx.conf
load_module modules/ngx_http_js_module.so;
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
# gzip on;
# Naxsi 引用核心规则
include /usr/local/nginx/conf/naxsi/naxsi_core.rules;
# 限制单IP并发访问数量
limit_conn_zone $binary_remote_addr zone=test1_conn:10m;
limit_req_zone $binary_remote_addr zone=test1_req:10m rate=15r/s;
# Njs 配置
js_path '/usr/local/nginx/conf/njs/';
js_import 'test.js';
js_import dreamer from auth.js;
server {
listen 80;
server_name localhost;
location / {
return 403;
# root html;
root /data/www/localhost;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
# ngtwewy
server {
listen 443 ssl;
server_name localhost;
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
ssl_certificate /data/www/_ssl/server_ssl/server.crt;
ssl_certificate_key /data/www/_ssl/server_ssl/server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
return 403;
}
}
include /usr/local/nginx/conf/conf.d/*.conf;
}
一个虚拟主机的配置文件:
server {
listen 80;
server_name test.cn www.test.cn;
rewrite ^(.*)$ https://www.test.cn$1 permanent;
}
server {
listen 443;
server_name test.cn www.test.cn;
root /data/www/cn_test;
index index.php index.html index.htm;
charset utf-8;
access_log logs/cn_test.access.log;
error_log logs/cn_test.error.log;
# 跳转
if ($host != 'www.test.cn' ) {
rewrite ^/(.*)$ https://www.test.cn/$1 permanent;
}
# 限速
limit_conn test1_conn 10;
limit_req zone=test1_req burst=70;
# 开启 SSL
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
ssl_certificate /data/www/_ssl/cn_test/cert.pem;
ssl_certificate_key /data/www/_ssl/cn_test/cert.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
location / {
#LearningMode;
include /usr/local/nginx/conf/naxsi/ngtwewy-create.rules;
try_files $uri $uri/ /index.php?$args;
}
location /RequestDenied {
return 403;
}
# 不存在的文件不显示路由错误信息
location ~ .*\.(gif|jpg|jpeg|bmp|png|ico|txt|js|css|svg)$ {
root /data/www/cn_test;
}
location ~ \.php$ {
#LearningMode;
include /usr/local/nginx/conf/naxsi/ngtwewy-create.rules;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param PHP_VALUE "open_basedir=/data/www/cn_test/:/tmp/:/proc/";
include fastcgi_params;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
}
修改时间 2023-12-07
声明:本站所有文章和图片,如无特殊说明,均为原创发布。商业转载请联系作者获得授权,非商业转载请注明出处。
真诚赞赏,手留余香
赞赏
