环境:centos6u3

1、安装nginx

(1)上传nginx

nginx-1.14.0.tar.gz。可以从nginx官网下载http://nginx.org/en/download.html

(2)解压

tar zxvf nginx-1.14.0.tar.gz

(3)安装依赖包:

yum install gcc gcc-c++ glibc automake pcre zlip zlib-devel openssl-devel pcre-devel wget lrzsz

(4)配置账号:

groupadd www

useradd -s /sbin/nologin -g www -M www

(5)编译、安装

cd nginx-1.14.

./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module

make

make install

(6)配置service
vim /etc/init.d/nginx

#!/bin/bash

# nginx Startup script for the Nginx HTTP Server

# it is v.0.0. version.

# chkconfig: -

# description: Nginx is a high-performance web and proxy server.

#              It has a lot of features, but it's not for everyone.

# processname: nginx

# pidfile: /var/run/nginx.pid

# config: /usr/local/nginx/conf/nginx.conf

nginxd=/usr/local/nginx/sbin/nginx

nginx_config=/usr/local/nginx/conf/nginx.conf

nginx_pid=/var/run/nginx.pid

RETVAL=

prog="nginx"

# Source function library.

. /etc/rc.d/init.d/functions

# Source networking configuration.

. /etc/sysconfig/network

# Check that networking is up.

[ ${NETWORKING} = "no" ] && exit

[ -x $nginxd ] || exit

# Start nginx daemons functions.

start() {

if [ -e $nginx_pid ];then

   echo "nginx already running...."

   exit

fi

   echo -n $"Starting $prog: "

   daemon $nginxd -c ${nginx_config}

   RETVAL=$?

   echo

   [ $RETVAL =  ] && touch /var/lock/subsys/nginx

   return $RETVAL

}

# Stop nginx daemons functions.

stop() {

        echo -n $"Stopping $prog: "

        killproc $nginxd

        RETVAL=$?

        echo

        [ $RETVAL =  ] && rm -f /var/lock/subsys/nginx /var/run/nginx.pid

}

# reload nginx service functions.

reload() {

    echo -n $"Reloading $prog: "

    #kill -HUP `cat ${nginx_pid}`

    killproc $nginxd -HUP

    RETVAL=$?

    echo

}

# See how we were called.

case "$1" in

start)

        start

        ;;

stop)

        stop

        ;;

reload)

        reload

        ;;

restart)

        stop

        start

        ;;

status)

        status $prog

        RETVAL=$?

        ;;

*)

        echo $"Usage: $prog {start|stop|restart|reload|status|help}"

        exit

esac

exit $RETVAL

2、配置反向代理

vim /usr/local/nginx/conf/nginx.conf

#user  nobody;

worker_processes  ;

#error_log  logs/error.log;

#error_log  logs/error.log  notice;

#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {

    worker_connections  ;

}

http {

    include       mime.types;

    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

    #                  '$status $body_bytes_sent "$http_referer" '

    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;

    #tcp_nopush     on;

    #keepalive_timeout  ;

    keepalive_timeout  ;

    #gzip  on;

    server {

        listen       ;

        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {

            root   html;

            index  index.html index.htm;

        }

        location /public/ {

            proxy_pass http://ip:port/;

            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;

            proxy_max_temp_file_size ;

            proxy_connect_timeout      ;

            proxy_send_timeout         ;

            proxy_read_timeout         ;

            proxy_buffer_size          64m;

            proxy_buffers               64m;

            proxy_busy_buffers_size    64m;

            proxy_temp_file_write_size 64m;

        }

        location /user/checkauth {

            proxy_pass http://ip:port/user/checkbotpageauth;

            proxy_pass_request_body off;

            proxy_set_header Content-Length "";

            proxy_set_header X-Original-URI $request_uri;

        }

        location /url/ {

            proxy_pass http://ip:port/url/;

            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;

            proxy_max_temp_file_size ;

            proxy_connect_timeout      ;

            proxy_send_timeout         ;

            proxy_read_timeout         ;

            proxy_buffer_size          256m;

            proxy_buffers               256m;

            proxy_busy_buffers_size    256m;

            proxy_temp_file_write_size 256m;

            auth_request /user/checkauth;

        }

        #error_page                /.html;

        # redirect server error pages to the static page /50x.html

        #

        error_page        /50x.html;

        location = /50x.html {

            root   html;

        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:

        #

        #location ~ \.php$ {

        #    proxy_pass   http://127.0.0.1;

        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:

        #

        #location ~ \.php$ {

        #    root           html;

        #    fastcgi_pass   127.0.0.1:;

        #    fastcgi_index  index.php;

        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;

        #    include        fastcgi_params;

        #}

        # deny access to .htaccess files, if Apache's document root

        # concurs with nginx's one

        #

        #location ~ /\.ht {

        #    deny  all;

        #}

    }

    # another virtual host using mix of IP-, name-, and port-based configuration

    #

    #server {

    #    listen       ;

    #    listen       somename:;

    #    server_name  somename  alias  another.alias;

    #    location / {

    #        root   html;

    #        index  index.html index.htm;

    #    }

    #}

    # HTTPS server

    #

    #server {

    #    listen        ssl;

    #    server_name  localhost;

    #    ssl_certificate      cert.pem;

    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;

    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;

    #    ssl_prefer_server_ciphers  on;

    #    location / {

    #        root   html;

    #        index  index.html index.htm;

    #    }

    #}

}

注意,其中ip、port需要替换为具体ip、端口,/public、/url、/user/checkauth等为示例地址,需要根据具体情况修改。/user/checkauth接口,通过session判断是否有权限,没有权限返回http code 403,有权限返回200

3、主页自动跳转

vim /usr/local/nginx/html/index.html

<html>

<head>

<title>欢迎</title>

<meta http-equiv="refresh" content="0;url=/public/">

</head>

<body>

<h1>正在跳转。。。</h1>

</body>

</html>

4、启动nginx

service nginx start

使用nginx配置带有权限验证的反向代理的更多相关文章

  1. debian+nginx配置初探--php环境、反向代理和负载均衡

    配置nginx的PHP环境 安装nginx sudo apt-get install nginx 安装nginx就可以通过下面地址来访问了:http://localhost/ 安装php sudo a ...

  2. NETCore使用带有权限验证的Swagger

    原文:NETCore使用带有权限验证的Swagger 文章目录 Swagger 什么是Swagger NuGet安装 Startup注册Swagger 设置默认首页打开Swagger 为接口添加注释 ...

  3. nginx配置https双向验证(ca机构证书+自签证书)

    nginx配置https双向验证 服务端验证(ca机构证书) 客户端验证(服务器自签证书) 本文用的阿里云签发的免费证书实验,下载nginx安装ssl,文件夹有两个文件 这两个文件用于做服务器http ...

  4. Nginx二级域名及多Server反向代理配置

    Nginx强大的正则表达式支持,可以使server_name的配置变得很灵活,如果你要做多用户博客,那么每个用户拥有自己的二级域名也就很容易实现了. 注:nginx反向代理同一ip多个域名,给head ...

  5. nginx配置ssl双向验证 nginx https ssl证书配置

    1.安装nginx 参考<nginx安装>:http://www.ttlsa.com/nginx/nginx-install-on-linux/ 如果你想在单IP/服务器上配置多个http ...

  6. nginx的https和http共存反向代理配置

    一.设置http反向代理: upstream ly.com { server ; server ; } upstream home.ly.com { server ; server ; } 对应增加: ...

  7. Nginx配置访问权限

    基于IP配置Nginx的访问权限 Nginx配置通过两种途径支持基本访问权限的控制,其中一种是由HTTP标准模块ngx_http_access_module支持的,通过IP来判断客户端是否拥有对Ngi ...

  8. nginx -stream(tcp连接)反向代理配置 实现代理mysql以及文件上传

    原文链接:https://blog.csdn.net/Activity_Time/article/details/95767390 1. stream模块安装 nginx默认安装的时候无法加载流str ...

  9. aProxy: 带认证授权和权限控制的反向代理

    前段时间很多数据库因为没有做好权限控制暴露在外网被删然后遭勒索的事件,而类似的有些内网的web服务也会被开放到公网并且没有做任何权限控制的,这样也会有一定的风险.所以就决定写篇文章简单介绍一个小工具. ...

随机推荐

  1. pytest-2:allure 的安装、使用

    版本对应: python3.4==>allure-pytest2.7.0 python3.6==>allure0pytest2.8.6 环境安装: 1.先安装好对应的python,准备好p ...

  2. 【Spring AOP】AOP核心概念(二)

    1. 横切关注点 对哪些方法进行拦截,拦截后怎么处理,这些关注点称之为横切关注点. 2. 切面(aspect)-- 本质上仅仅是一个类 类是对物体特征的抽象,切面就是对横切关注点的抽象. 3. 连接点 ...

  3. React、Vue、Angular对比 ---- 介绍及优缺点

    React 起源于 Facebook 的内部项目,用来架设 Instagram 的网站, 并于 2013年 5 月开源.React 拥有较高的性能,代码逻辑非常简单,越来越多的人已开始关注和使用它.它 ...

  4. ionic4 组件调用的坑

    我们再开发过程中很多模块做成组件,那么调用的时候则需把module.ts中的引入去掉,如下红色框框:

  5. NOIP模拟赛 拓展

    题目描述 Description \(φ\) 函数是数论中非常常用的函数.对于正整数 \(x\) ,\(φ(x)\) 表示不超过 \(x\) 的所有正整数与 \(x\) 互质的个数. 现在我们对它进行 ...

  6. 对象查询语言(OQL)的应用实例

    一.绪论 两个多星期前,我的导师布置了一道作业,就是利用对象查询语言(OQL)对常规的SQL需求进行求解.而对于我一个在面向对象数据库方面,经验可谓无足轻重的新手来说,确实难以下手.不用说,我肯定在拿 ...

  7. Ubuntu 16.04 + OpenCV 自定义环境变量 pkg-config / PKG_CONFIG_PATH

    0. 前言 今天在执行一段脚本的时候,爆出错误: Package opencv was not found in the pkg-config search path. Perhaps you sho ...

  8. LeetCode 752:打开转盘锁 Open the Lock

    题目: 你有一个带有四个圆形拨轮的转盘锁.每个拨轮都有10个数字: '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' .每个拨轮可以自由旋转:例如把 ' ...

  9. 明解C语言 入门篇 第十二章答案

    练习12-1 /* 用表示学生的结构体来显示高尾的信息 */ #include <stdio.h> #define NAME_LEN 64 /* 姓名的字符数 */ /*=== 表示学生的 ...

  10. git Filename too long

    # 全局 git config --global core.longpaths true # 当前仓库 git config core.longpaths true