1000字范文 > nginx反向代理结合apache和php的配置示例

nginx反向代理结合apache和php的配置示例

时间：2022-02-26 18:37:33

1.前端nginx主配置文件# cat nginx.confworker_processes 8;#pid logs/nginx.pid;pid /data/www/logs/nginx.pid;worker_rlimit_nofile 65535;events {use epoll; worker_connections 10240;accept_mutex off;}http {include mime.types;default_type application/octet-stream;#set_real_ip_from 0.0.0.0/0;#real_ip_headerX-Forwarded-For;#proxy_set_header Host $host; #proxy_set_header X-Real-IP $remote_addr; #proxy_set_header X-Forwarded-For $http_x_forwarded_for; #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_headers_hash_max_size 51200;proxy_headers_hash_bucket_size6400;ssl_session_cache shared:SSL:200m;ssl_session_timeout 15m;lua_package_path "/usr/local/nginx/conf/ngx_lua_waf/?.lua";lua_shared_dict limit 10m;init_by_lua_file /usr/local/nginx/conf/ngx_lua_waf/init.lua; access_by_lua_file /usr/local/nginx/conf/ngx_lua_waf/waf.lua; log_format main '$remote_addr - - [$time_local] - - "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_cookie" "$request_body" "$http_user_agent" $request_time '; log_format error '$remote_addr - - [$time_local] - - "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_time '; sendfile on;tcp_nodelay on;keepalive_timeout 90;#----for upload fileclient_max_body_size 8M;client_body_buffer_size 2M;#--- for resolve 400 errorclient_header_buffer_size 64k;large_client_header_buffers 4 64k;proxy_connect_timeout 90s;proxy_read_timeout 90s;proxy_send_timeout 90s; proxy_buffer_size 16k;proxy_buffers 4 32k;proxy_busy_buffers_size 64k;proxy_temp_file_write_size 64k;proxy_ignore_client_abort on; proxy_intercept_errors on;gzip on;gzip_vary off;gzip_min_length 1k;gzip_buffers4 16k;gzip_http_version 1.0;gzip_comp_level 5;gzip_disable"MSIE [1-6]\.";gzip_types text/plain text/css text/javascript application/javascript application/x-javascript text/xml application/xml application/wasm;ssi on;ssi_silent_errors on;#ssi_types text/shtml;expires 60d;server_names_hash_bucket_size 20480;#if_modified_since before;#limit_req_zone $binary_remote_addr zone=all_zone:10m rate=3r/s;#limit_req zone=all_zone burst=2 nodelay;# apache和php部分upstream php_pool{ip_hash;server 192.168.254.122:8080 max_fails=0 fail_timeout=30s weight=1;server 192.168.254.123:8080 max_fails=0 fail_timeout=30s weight=1;check interval=3000 rise=2 fall=5 timeout=1000 type=tcp port=8080;check_keepalive_requests 100;# check_http_send "HEAD / HTTP/1.1\r\nConnection: keep-alive\r\n\r\n";check_http_expect_alive http_2xx http_3xx; }# nginx和fastcgi部分upstream www_servers{ip_hash;server 192.168.254.1:80 max_fails=0 fail_timeout=30s weight=1;server 192.168.254.2:80 max_fails=0 fail_timeout=30s weight=1;check interval=3000 rise=2 fall=5 timeout=1000 type=tcp port=80;check_keepalive_requests 100;# check_http_send "HEAD / HTTP/1.1\r\nConnection: keep-alive\r\n\r\n";check_http_expect_alive http_2xx http_3xx; } include vhost.d/*.conf;server {listen 80 default_server;server_name localhost;#charset koi8-r;#access_log logs/host.access.log main;location / {root /data/www/html;index index.html index.htm;}error_page 500 502 503 504 /50x.html;location = /50x.html {root html;}location /status {stub_status on;access_log off;}}}nginx前端的虚拟主机配置[root@web01:/usr/local/nginx/conf/vhost.d]# more .conf server {listen 80;server_name ori- www.;access_log/data/www/logs/nginx_log/access/_access.log main ;error_log /data/www/logs/nginx_log/error/_error.log ;root /data/www/vhosts//httpdocs ;index index.html index.shtml index.php ;include rewrite.d/.conf ;error_page 404 403 /404.html; rewrite ^/(.*)$ /$1 permanent; #跳转到Httpslocation ~ \.php$ {proxy_pass http://php_pool;include proxy_params;expires -1;}location / {include proxy_params;if (!-d $request_filename){set $flag 1$flag;}if (!-f $request_filename){set $flag 2$flag;}if ($flag = "21"){proxy_pass http://php_pool;expires -1; }}}server {listen 443;ssl on;ssl_certificate cert/chinasoft_com.crt;ssl_certificate_keycert/chinasoft_com.key;ssl_dhparamcert/dh_2048.pem;ssl_session_timeout15m;ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_ciphers"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!AES128-GCM-SHA256:!AES256-GCM-SHA384:!AES128-SHA256:!AES256-SHA256:!AES128-SHA:!AES256-SHA:AES:!CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";ssl_prefer_server_ciphers on;#ssl_stapling on;#ssl_stapling_verify on;server_nameori-;access_log/data/www/logs/nginx_log/access/_access.log main ;error_log /data/www/logs/nginx_log/error/_error.log ;root /data/www/vhosts//httpdocs ;index index.html index.shtml index.php ;include rewrite.d/.conf ;error_page 404 403 /404.html;if ($http_user_agent ~ Ezooms) {return 403;}location ^~ /servers/ {include proxy_params;proxy_http_version 1.1;proxy_pass http://www_servers;expires -1;}location ~ \.php$ {proxy_pass http://php_pool;expires -1;include proxy_params;}}2.当后端是apache+php时的apache配置部分[root@web01:/usr/local/nginx/conf/vhost.d]# more /usr/local/httpd-2.2.26/conf/vhost.d/.conf <VirtualHost *:8080>ServerName

# apache配置别名，相当于多个域名都可以访问进来ServerAlias

ServerAlias drfone.chinaosft-UseCanonicalName OffServerAdmin "admin@"DocumentRoot /data/www/vhosts//httpdocsDirectoryIndex index.html index.shtml index.phpCustomLog "|/usr/local/apache2/bin/rotatelogs -l /data/www/logs/apache_log/access/_access.log.%Y-%m-%d 86400" combinedErrorLog "|/usr/local/apache2/bin/rotatelogs -l /data/www/logs/apache_log/error/_error.log.%Y-%m-%d 86400"<IfModule mod_ssl.c>SSLEngine off</IfModule><Directory /data/www/vhosts//httpdocs/><IfModule sapi_apache2.c>php_admin_flag engine onphp_admin_flag safe_mode onphp_admin_value open_basedir ".:/data/www/vhosts/:/tmp"</IfModule><IfModule mod_php5.c>php_admin_flag engine onphp_admin_flag safe_mode onphp_admin_value open_basedir ".:/data/www/vhosts/:/tmp"</IfModule>Options -ExecCGI FollowSymLinks +IncludesAllowOverride All</Directory>Alias /servers "/data/www/vhosts/www_servers"<Directory "/data/www/vhosts/www_servers/">Options -ExecCGI FollowSymLinks +IncludesAllowOverride All</Directory>ErrorDocument 404 /404.html</VirtualHost>3.当后端为nginx+php+fastcgi时[root@ws_cbs_frontend_web01:/usr/local/nginx/conf/vhost.d]# more ../other_domain.d/.conf server {listen 80;server_name ori-;access_log/data/www/logs/nginx_log/access/_access.log main ;error_log /data/www/logs/nginx_log/error/_error.log ;root /data/www/vhosts/www_servers ;index index.html index.shtml index.php ;include rewrite.d/.conf ;error_page 404 403 /404.html; set_real_ip_from 192.168.0.0/16;set_real_ip_from 10.10.18.0/24;#set_real_ip_from 0.0.0.0/0;real_ip_headerX-Real-IP;location / {try_files $uri $uri/ /index.php?$query_string;}location ~ \.php$ {fastcgi_pass unix:/tmp/php-cgi.sock;fastcgi_index index.php;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;include fastcgi_params;}}server {listen 443;server_name ori-;access_log/data/www/logs/nginx_log/access/_access.log main ;error_log /data/www/logs/nginx_log/error/_error.log ;root /data/www/vhosts/www_servers ;index index.html index.shtml index.php ;include rewrite.d/.conf ;error_page 404 403 /404.html;ssl on;ssl_certificate cert/chinasoft_com.crt;ssl_certificate_keycert/chinasoft_com.key;ssl_dhparam cert/dh_2048.pem;ssl_session_timeout15m;ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_ciphers"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!AES128-GCM-SHA256:!AES256-GCM-SHA384:!AES128-SHA256:!AES256-SHA256:!AES128-SHA:!AES256-SHA:AES:!CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";set_real_ip_from 192.168.0.0/16;set_real_ip_from 10.10.18.0/24;#set_real_ip_from 0.0.0.0/0;real_ip_headerX-Real-IP;location / {try_files $uri $uri/ /index.php?$query_string;}location ~ \.php$ {fastcgi_pass unix:/tmp/php-cgi.sock;fastcgi_index index.php;fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;include fastcgi_params;}}

apache启用ssi功能

# more .htaccess

RewriteOptions inherit

RewriteEngine on

Options +IncludesNoExec

</IfModule>

AddType text/html .shtml .html .htm

AddOutputFilter INCLUDES .shtml .html .htm

本内容不代表本网观点和政治立场，如有侵犯你的权益请联系我们处理。

网友评论

网友评论仅供其表达个人看法，并不表明网站立场。