4、基于授权的的访问控制:
a)生成用户密码认证文件
yum install -y httpd-tools htpasswd -c /usr/local/nginx/passwd.db zhangsan chown nginx /usr/local/nginx/passwd.db chmod 400 /usr/local/nginx/passwd.db
b)修改主配置文件相对应目录,添加认证配置项
vim /usr/local/nginx/conf/nginx.conf ...... server { location / { ...... ##添加认证配置## auth_basic "secret"; auth_basic_user_file /usr/local/nginx/passwd.db; } }
c)重启服务,访问测试
nginx -t systemctl restart nginx 浏览器访问 http://20.0.0.20或www.lvbu.com
5、基于客户端的访问控制:
访问控制规则如下:
deny IP/IP 段:拒绝某个 IP 或 IP 段的客户端访问。
allow IP/IP 段:允许某个 IP 或 IP 段的客户端访问。
规则从上往下执行,如匹配则停止,不再往下匹配。
vim /usr/local/nginx/conf/nginx.conf ...... server { location / { ...... ##添加控制规则## deny 20.0.0.100; #拒绝访问的客户端 IP allow all; #允许其它IP客户端访问 } } systemctl restart nginx
6、基于域名的Nginx虚拟主机:
a)为虚拟主机提供域名解析
echo "20.0.0.14 www.lvbu.com www.accp.com" >> /etc/hosts
b)为虚拟主机准备网页文档
mkdir -p /var/www/html/lvbu mkdir -p /var/www/html/accp echo "<h1>www.lvbu.com</h1>" > /var/www/html/lvbu/index.html echo "<h1>www.accp.com</h1>" > /var/www/html/accp/index.html
c)修改Nginx的配置文件
vim /usr/local/nginx/conf/nginx.conf ...... http { ...... server { listen 80; server_name www.lvbu.com; #设置域名www.lvbu.com charset utf-8; access_log logs/www.lvbu.access.log; location / { root /var/www/html/lvbu; #设置www.lvbu.com 的工作目录 index index.html index.php; } error_page 500 502 503 504 /50x.html; location = 50x.html{ root html; } } server { listen 80; server_name www.caocao.com; #设置域名www.caocao.com charset utf-8; access_log logs/www.caocao.access.log; location / { root /var/www/html/caocao; index index.html index.php; } error_page 500 502 503 504 /50x.html; location = 50x.html{ root html; } } }
7、基于IP的Nginx的虚拟主机:
ifconfig ens33:0 20.0.0.21 netmask 255.255.255.0 vim /usr/local/nginx/conf/nginx.conf ...... http { ...... server { listen 20.0.0.20:80; #设置监听地址 server_name www.lvbu.com; charset utf-8; access_log logs/www.lvbu.access.log; location / { root /var/www/html/lvbu; index index.html index.php; } error_page 500 502 503 504 /50x.html; location = 50x.html{ root html; } } server { listen 20.0.0.20:80; #设置监听地址 server_name www.caocao.com; charset utf-8; access_log logs/www.caocao.access.log; location / { root /var/www/html/caocao; index index.html index.php; } error_page 500 502 503 504 /50x.html; location = 50x.html{ root html; } } } systemctl restart nginx
8、基于端口的Nginx的虚拟主机:
vim /usr/local/nginx/conf/nginx.conf ...... http { ...... server { listen 20.0.0.17:666; #设置监听 666 端口 server_name www.lvbu.com; charset utf-8; access_log logs/www.lvbu.access.log; location / { root /var/www/html/lvbu; index index.html index.php; } error_page 500 502 503 504 /50x.html; location = 50x.html{ root html; } } server { listen 20.0.0.21:888; #设置监听 888 端口 server_name www.accp.com; charset utf-8; access_log logs/www.caocao.access.log; location / { root /var/www/html/accp; index index.html index.php; } error_page 500 502 503 504 /50x.html; location = 50x.html{ root html; } } }<br><br><br><br>systemctl restart nginx
