环境:centos6u3

1、安装nginx

(1)上传nginx

nginx-1.14.0.tar.gz。可以从nginx官网下载http://nginx.org/en/download.html

(2)解压

tar zxvf nginx-1.14.0.tar.gz

(3)安装依赖包:

yum install gcc gcc-c++ glibc automake pcre zlip zlib-devel openssl-devel pcre-devel wget lrzsz

(4)配置账号:

groupadd www

useradd -s /sbin/nologin -g www -M www

(5)编译、安装

cd nginx-1.14.

./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module

make

make install

(6)配置service
vim /etc/init.d/nginx

#!/bin/bash

# nginx Startup script for the Nginx HTTP Server

# it is v.0.0. version.

# chkconfig: -

# description: Nginx is a high-performance web and proxy server.

#              It has a lot of features, but it's not for everyone.

# processname: nginx

# pidfile: /var/run/nginx.pid

# config: /usr/local/nginx/conf/nginx.conf

nginxd=/usr/local/nginx/sbin/nginx

nginx_config=/usr/local/nginx/conf/nginx.conf

nginx_pid=/var/run/nginx.pid

RETVAL=

prog="nginx"

# Source function library.

. /etc/rc.d/init.d/functions

# Source networking configuration.

. /etc/sysconfig/network

# Check that networking is up.

[ ${NETWORKING} = "no" ] && exit

[ -x $nginxd ] || exit

# Start nginx daemons functions.

start() {

if [ -e $nginx_pid ];then

   echo "nginx already running...."

   exit

fi

   echo -n $"Starting $prog: "

   daemon $nginxd -c ${nginx_config}

   RETVAL=$?

   echo

   [ $RETVAL =  ] && touch /var/lock/subsys/nginx

   return $RETVAL

}

# Stop nginx daemons functions.

stop() {

        echo -n $"Stopping $prog: "

        killproc $nginxd

        RETVAL=$?

        echo

        [ $RETVAL =  ] && rm -f /var/lock/subsys/nginx /var/run/nginx.pid

}

# reload nginx service functions.

reload() {

    echo -n $"Reloading $prog: "

    #kill -HUP `cat ${nginx_pid}`

    killproc $nginxd -HUP

    RETVAL=$?

    echo

}

# See how we were called.

case "$1" in

start)

        start

        ;;

stop)

        stop

        ;;

reload)

        reload

        ;;

restart)

        stop

        start

        ;;

status)

        status $prog

        RETVAL=$?

        ;;

*)

        echo $"Usage: $prog {start|stop|restart|reload|status|help}"

        exit

esac

exit $RETVAL

2、配置反向代理

vim /usr/local/nginx/conf/nginx.conf

#user  nobody;

worker_processes  ;

#error_log  logs/error.log;

#error_log  logs/error.log  notice;

#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {

    worker_connections  ;

}

http {

    include       mime.types;

    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

    #                  '$status $body_bytes_sent "$http_referer" '

    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;

    #tcp_nopush     on;

    #keepalive_timeout  ;

    keepalive_timeout  ;

    #gzip  on;

    server {

        listen       ;

        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {

            root   html;

            index  index.html index.htm;

        }

        location /public/ {

            proxy_pass http://ip:port/;

            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;

            proxy_max_temp_file_size ;

            proxy_connect_timeout      ;

            proxy_send_timeout         ;

            proxy_read_timeout         ;

            proxy_buffer_size          64m;

            proxy_buffers               64m;

            proxy_busy_buffers_size    64m;

            proxy_temp_file_write_size 64m;

        }

        location /user/checkauth {

            proxy_pass http://ip:port/user/checkbotpageauth;

            proxy_pass_request_body off;

            proxy_set_header Content-Length "";

            proxy_set_header X-Original-URI $request_uri;

        }

        location /url/ {

            proxy_pass http://ip:port/url/;

            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;

            proxy_max_temp_file_size ;

            proxy_connect_timeout      ;

            proxy_send_timeout         ;

            proxy_read_timeout         ;

            proxy_buffer_size          256m;

            proxy_buffers               256m;

            proxy_busy_buffers_size    256m;

            proxy_temp_file_write_size 256m;

            auth_request /user/checkauth;

        }

        #error_page                /.html;

        # redirect server error pages to the static page /50x.html

        #

        error_page        /50x.html;

        location = /50x.html {

            root   html;

        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:

        #

        #location ~ \.php$ {

        #    proxy_pass   http://127.0.0.1;

        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:

        #

        #location ~ \.php$ {

        #    root           html;

        #    fastcgi_pass   127.0.0.1:;

        #    fastcgi_index  index.php;

        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;

        #    include        fastcgi_params;

        #}

        # deny access to .htaccess files, if Apache's document root

        # concurs with nginx's one

        #

        #location ~ /\.ht {

        #    deny  all;

        #}

    }

    # another virtual host using mix of IP-, name-, and port-based configuration

    #

    #server {

    #    listen       ;

    #    listen       somename:;

    #    server_name  somename  alias  another.alias;

    #    location / {

    #        root   html;

    #        index  index.html index.htm;

    #    }

    #}

    # HTTPS server

    #

    #server {

    #    listen        ssl;

    #    server_name  localhost;

    #    ssl_certificate      cert.pem;

    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;

    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;

    #    ssl_prefer_server_ciphers  on;

    #    location / {

    #        root   html;

    #        index  index.html index.htm;

    #    }

    #}

}

注意,其中ip、port需要替换为具体ip、端口,/public、/url、/user/checkauth等为示例地址,需要根据具体情况修改。/user/checkauth接口,通过session判断是否有权限,没有权限返回http code 403,有权限返回200

3、主页自动跳转

vim /usr/local/nginx/html/index.html

<html>

<head>

<title>欢迎</title>

<meta http-equiv="refresh" content="0;url=/public/">

</head>

<body>

<h1>正在跳转。。。</h1>

</body>

</html>

4、启动nginx

service nginx start

使用nginx配置带有权限验证的反向代理的更多相关文章

  1. debian+nginx配置初探--php环境、反向代理和负载均衡

    配置nginx的PHP环境 安装nginx sudo apt-get install nginx 安装nginx就可以通过下面地址来访问了:http://localhost/ 安装php sudo a ...

  2. NETCore使用带有权限验证的Swagger

    原文:NETCore使用带有权限验证的Swagger 文章目录 Swagger 什么是Swagger NuGet安装 Startup注册Swagger 设置默认首页打开Swagger 为接口添加注释 ...

  3. nginx配置https双向验证(ca机构证书+自签证书)

    nginx配置https双向验证 服务端验证(ca机构证书) 客户端验证(服务器自签证书) 本文用的阿里云签发的免费证书实验,下载nginx安装ssl,文件夹有两个文件 这两个文件用于做服务器http ...

  4. Nginx二级域名及多Server反向代理配置

    Nginx强大的正则表达式支持,可以使server_name的配置变得很灵活,如果你要做多用户博客,那么每个用户拥有自己的二级域名也就很容易实现了. 注:nginx反向代理同一ip多个域名,给head ...

  5. nginx配置ssl双向验证 nginx https ssl证书配置

    1.安装nginx 参考<nginx安装>:http://www.ttlsa.com/nginx/nginx-install-on-linux/ 如果你想在单IP/服务器上配置多个http ...

  6. nginx的https和http共存反向代理配置

    一.设置http反向代理: upstream ly.com { server ; server ; } upstream home.ly.com { server ; server ; } 对应增加: ...

  7. Nginx配置访问权限

    基于IP配置Nginx的访问权限 Nginx配置通过两种途径支持基本访问权限的控制,其中一种是由HTTP标准模块ngx_http_access_module支持的,通过IP来判断客户端是否拥有对Ngi ...

  8. nginx -stream(tcp连接)反向代理配置 实现代理mysql以及文件上传

    原文链接:https://blog.csdn.net/Activity_Time/article/details/95767390 1. stream模块安装 nginx默认安装的时候无法加载流str ...

  9. aProxy: 带认证授权和权限控制的反向代理

    前段时间很多数据库因为没有做好权限控制暴露在外网被删然后遭勒索的事件,而类似的有些内网的web服务也会被开放到公网并且没有做任何权限控制的,这样也会有一定的风险.所以就决定写篇文章简单介绍一个小工具. ...

随机推荐

  1. MongoDB Shell基本操作(五)

    官网文档:https://docs.mongodb.com/ 1. 创建数据库 #如果数据库不存在,则创建数据库,否则切换到指定数据库 use DATABASE_NAME 示例: use runoob ...

  2. CF1146D Frog Jumping

    CF1146D Frog Jumping 洛谷评测传送门 题目描述 A frog is initially at position 00 on the number line. The frog ha ...

  3. 团队Git现场编程实战

    团队Git现场编程实战 一.组员职责分工 组员 分工 贡献度 卢欢(组长) 前后端接口设计 8% 严喜 寻找相关资料 8% 张火标 设计并描述界面原型 8% 钟璐英 编写随笔 8% 周华 填写完善文档 ...

  4. 编译安装nmap

    官方编译文档 参考 安装对应的库,并编译安装.

  5. Phoenix |安装配置| 命令行操作| 与hbase的映射| spark对其读写

    Phoenix Phoenix是HBase的开源SQL皮肤.可以使用标准JDBC API代替HBase客户端API来创建表,插入数据和查询HBase数据. 1.特点 1) 容易集成:如Spark,Hi ...

  6. x1

    //程序功能: //要求客户从键盘输入一个整数,判断其是奇是偶 #include <stdio.h> int main(){ int x; printf("输入一个整数:\n&q ...

  7. JAVA基础系列:ThreadLocal

    1. 思路 什么是ThreadLocal?ThreadLocal类顾名思义可以理解为线程本地变量.也就是说如果定义了一个ThreadLocal,每个线程往这个ThreadLocal中读写是线程隔离,互 ...

  8. springboot2 中Druid和ibatis(baomidou) 遇到org.apache.ibatis.binding.BindingException: Invalid bound statement (not found): com.iflytek.pandaai.service.multi.mapper.TanancyMapper

    调用mapper中任何方法都会出现类似的错误 org.apache.ibatis.binding.BindingException: Invalid bound statement (not foun ...

  9. 使用 jQuery.AutoComplete 让文本框自动完成

    直接贴代码了. @section headSection { <script type="text/javascript"> $(document).ready(fun ...

  10. Netty中的ChannelFuture和ChannelPromise

    在Netty使用ChannelFuture和ChannelPromise进行异步操作的处理 这是官方给出的ChannelFutur描述 * | Completed successfully | * + ...