1. Nginx multi-Server priority

When starting to process an http request, nginx takes out the Host variable in the header header and matches each server_name in nginx.conf to determine which server will handle the request. However, how nginx configures multiple identical server_names can lead to priority access conflicts in server_name.

1.1 Prepare the configuration file for nginx

[root@web01 conf.d]# cat server1.conf 
server {
    listen 80;
    server_name localhost test1.com;

    location / {
        root /code/test1;
        index index.html;
    }
}
[root@web01 conf.d]# cat server2.conf 
server {
    listen 80;
    server_name localhost test2.com;

    location / {
        root /code/test2;
        index index.html;
    }
}
[root@web01 conf.d]# cat server3.conf 
server {
    listen 80;
    server_name localhost test3.com;

    location / {
        root /code/test3;
        index index.html;
    }
}
[root@web01 conf.d]#

1.2 Prepare site catalogue

[root@web01 conf.d]# mkdir /code/test{1..3}
[root@web01 conf.d]# echo test1 > /code/test1/index.html
[root@web01 conf.d]# echo test2 > /code/test2/index.html
[root@web01 conf.d]# echo test3 > /code/test3/index.html

1.3 Check for grammar prompt conflicts, ignore and restart

[root@web01 conf.d]# nginx -t
nginx: [warn] conflicting server name "localhost" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "localhost" on 0.0.0.0:80, ignored
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@web01 conf.d]# nginx -s reload
nginx: [warn] conflicting server name "localhost" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "localhost" on 0.0.0.0:80, ignored
[root@web01 conf.d]#

1.4 Browser Access Test

# Normal test based on domain name access

#Access based on ip
#1. User's first visit reads the server 1.conf configuration and returns the result
[root@lb01 ~]# curl 10.0.0.5
test1

#2. Modify server1.conf to server4.conf to restart nginx at this time
[root@lb01 conf.d]# mv server1.conf server4.conf
[root@lb01 conf.d]# nginx -s reload

#3. Read the server 2.conf configuration to return the result when accessing again
[root@lb01 conf.d]# curl 10.0.0.5
test2

Summary of 1.5 Multiple Server_name Priorities

When you start processing an HTTP request, Nginx reads the host in the header and matches the server_name in each server to decide which server tag to use to complete processing the request. It is possible that a Host matches the server_name in multiple servers, depending on the matching priority. To select the server that is actually processed. The results of priority matching are as follows:

Note: When multiple identical server_name s occur, the priority of configuration file sorting will be invoked, so it is recommended to configure the same port, different domain names, so that there will be no domain name access conflict.

2. Nginx prohibits direct IP access

When a user visits your website by visiting IP or unknown domain name, you want to prohibit display of any valid content, you can return 500 to him. At present, many computer rooms in China require the website to close the empty hosts to prevent the unregistered domain name from pointing to the site causing trouble.

2.1 Nginx Prohibits IP Access

[root@lb01 conf.d]# cat server4.conf 
server {
    listen 80 default_server;           #Default priority return;
    server_name _;                      #Empty host header or IP;
    return 500;                         #Return 500 errors directly.
}

2.2 Drainage mode will access IP directly jump to host domain name

[root@lb01 conf.d]# cat server4.conf 
server {
    listen 80 default_server;
    server_name _;
    return 302 http://test1.com;
}

Nginx contains the file Include

If the configuration is written in the main configuration file of nginx.conf, the main configuration file of nginx.conf will become very large and the readability will be very poor. Later maintenance becomes troublesome. Suppose you want to shut down a site quickly now, what should you do? 1. If it is written in nginx.conf, manual annotation is needed. 2. If it is included, the annotation include can be completed by modifying the extension of the configuration file. The purpose of the annotation include is to simplify the main configuration file and make it easy for human to read.

Configuration for online use of inlcude/etc/nginx/online/*.conf#

/ etc/nginx/offline # Reserve configuration, not enabled (next time in mobile to online)

Nginx path root and alias

The main difference between root and alias path matching is how nginx interprets uri after location, which enables them to map requests to server files in different ways. alias is the definition of a directory alias, and root is the definition of the top directory.

The result of root processing is: root path + location path alias processing result is: using alias defined path

When users access http://image.com/picture/1.jpg with root, Nginx actually looks for 1.jpg files in the / code/picture/directory.

[root@lb01 conf.d]# cat image.conf 
server {
    listen 80;
    server_name image.com;

    location /picture {
        root /code;
    }
}

2 When using alias, when users access http://image.com/picture/1.jpg, Nginx actually looks for 1.jpg files in the / code/directory

[root@lb01 conf.d]# cat image.conf 
server {
    listen 80;
    server_name image.com;

    location /picture {
        alias /code;
    }
}

General configuration on line 3

server {
    listen 80;
    server_name image.oldboy.com;

    location / {
        root /code;
    }

    location ~* ^.*\.(png|jpg|gif)$ {
        alias /code/images/;
    }
}

Nginx try_file path matching

The try_file path of nginx matches, and Nginx checks the existence of files and directories sequentially (constructs a complete file path based on the parameters set by the root and alias instructions), and provides services with the first file found. Add a slash / after the element name to indicate that this is a directory. If neither file nor directory exists, Nginx performs an internal redirection and jumps to the URI defined by the last URI parameter of the command.

1 Nginx try_file configuration instance 1

#1. Configure nginx
[root@lb01 conf.d]# vim try.conf 
server {
    listen 80;
    server_name try.haoda.com;
    root /code;
    index index.html;

    location / {
        try_files $uri /404.html;
    }
}

#2. Create instance directories and files
[root@lb01 conf.d]# echo try11111 > /code/index.html 
[root@lb01 conf.d]# echo '404 404 404' > /code/404.html

#3. Try to visit try.haoda.com
[root@lb01 conf.d]# curl try.haoda.com
404 404 404
#Because we visited try.haoda.com and the $uri was the content we wrote after the domain name, it could not be found, so we returned the content after that, that is 404.html.

#4. Try to access try.haoda.com/index.html
[root@lb01 conf.d]# curl try.haoda.com/index.html
try11111
#Since try.haoda.com/index.html was accessed and $uri fetched index.html, the contents of / code/index.html were returned.

#5. Modify configuration
location / {
    try_files $uri $uri/ /404.html;
}

#6. Try to visit try.haoda.com again
[root@lb01 conf.d]# curl try.haoda.com
try11111
#We visited try.haoda.com, and $uri didn't write anything, so he visited empty/, which matches / code/index.html.

Give an example

location /images/ {
        try_files $uri $uri/ /404.html;
}

The user requests try.haoda.com/images/image1.gif, and Nginx first finds the file in the local directory by using this location. If the "image1.gif" file does not exist, Nginx looks for the "image1.gif/" directory, that is, "try.haoda.com/images/image1.gif/", and if none exists, redirects to "/404.html"

2 Nginx try_file configuration instance 2

#1. Configure nginx
[root@lb01 conf.d]# cat try.conf 
server {
    listen 80;
    server_name try.haoda.com;
    root /code;
    index index.html;

    location / {
        try_files $uri $uri/ @java;             #When both $uri and $uri / do not match, they are handled by java at the back end. The name can be customized, but it must be added@
    }

    location @java {
    proxy_pass http://172.16.1.8:8080;  Configure back-end tomcat
    }
}

#2. Configure back-end tomcat
[root@web02 ~]# cd /usr/share/tomcat/webapps/ROOT
[root@web02 ROOT]# echo 'i am tomcat' > index.html
[root@web02 ROOT]# systemctl start tomcat

#3. Move all the documents away
[root@lb01 code]# mv index.html index1.html /tmp/

#4. Test access
[root@lb01 code]# curl http://try.haoda.com/index.html
i am tomcat

Nginx resizes uploaded files

In the process of using nginx to upload files, it is usually necessary to set the thermal insulation size limit to avoid 413 Request Entity Too Large

nginx Upload File Size Restriction Configuration Syntax

Syntax:  client_max_body_size size;
Default: client_max_body_size 1m;
Context: http, server, location

An example of configuring nginx long-pass file size restriction

#It can also be put into the http layer, which takes effect globally.
server {
    listen 80;
    server_name _;
    client_max_body_size 200m;
}

Nginx gracefully displays error pages

error_page Error Log

1 The first configuration (jump network address)

#error_page is configured with a network address such as http
[root@lb01 conf.d]# cat error.conf 
server {
    listen       80;
    server_name  www.haoda.com;
    root /code;
    #error_page  404  http://www.baidu.com;

    location / {
        index index.html;
        error_page  404  http://www.baidu.com;
    }    
}

2. The second configuration (jump local address)

[root@lb01 conf.d]# cat error.conf 
server {
    listen 80;
    server_name error.haoda.com;
    root /code;

    location / {
        index index.html;
    }

    #error_page  403 404  /404.jpg;

    error_page 403 404 /404.html;
    location = /404.html {
        root /code;
        index index.html;   
    }
}