配置LNMP完成安装,并把PHP也解析完成,但是Nginx启动使用的是一个可执行文件:/usr/local/nginx/sbin/nginx 来启动,非常不方便,要给Nginx写一个启动脚本,同Apache,虽然Apache的启动脚本没有放到/etc/init.d目录下,但Apache有个非常方便的启动、重启、停止脚本,即:“apachectl”,而Nginx没有这样的工具,
我们需要手动制作一个启动脚本,如下:
[root@LnmpLinux ~]# vim /etc/init.d/nginx
#!/bin/bash
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
start() {
echo -n $"Starting $prog: "
mkdir -p /dev/shm/nginx_temp
daemon $NGINX_SBIN -c $NGINX_CONF
RETVAL=$?
echo
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -TERM
rm -rf /dev/shm/nginx_temp
RETVAL=$?
echo
return $RETVAL
}
reload(){
echo -n $"Reloading $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -HUP
RETVAL=$?
echo
return $RETVAL
}
restart(){
stop
start
}
configtest(){
$NGINX_SBIN -c $NGINX_CONF -t
return 0
}
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
restart
;;
configtest)
configtest
;;
*)
echo $"Usage: $0 {start|stop|reload|restart|configtest}"
RETVAL=1
esac
exit $RETVAL
给启动脚本授权
[root@LnmpLinux ~]# chmod 755 /etc/init.d/nginx
加入启动进程并设为开机启动
[root@LnmpLinux ~]# chkconfig --add nginx
[root@LnmpLinux ~]# chkconfig nginx on
[root@LnmpLinux ~]# service nginx start
编辑完启动脚本后,我们来看他的配置文件,自带的配置文件很乱, 我们给他整理一下
[root@LnmpLinux ~]# > /usr/local/nginx/conf/nginx.conf
[root@LnmpLinux ~]# vim /usr/local/nginx/conf/nginx.conf
将一下内容粘贴到nginx.conf里面,
并在最后一行写入 include vhosts/*.conf;
user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 6000;
}
http
{
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
'$host "$request_uri" $status'
'"$http_referer" "$http_user_agent"';
sendfile on;
tcp_nopush on;
keepalive_timeout 30;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm application/xml;
include vhosts/*.conf;
}
:wq
保存退出
进入conf目录下
[root@LnmpLinux ~]# cd /usr/local/nginx/conf/
创建vhosts目录
[root@LnmpLinux conf]# mkdir vhosts
进入vhosts目录
[root@LnmpLinux conf]# cd vhosts
[root@LnmpLinux vhosts]# vim default.conf
将“server部分”粘贴进去
server
{
listen 80;
server_name localhost;
index index.html index.htm index.php;
root /usr/local/nginx/html;
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
}
}
改动一:
在listen 80 后面加上default_server,
即:listen 80 default_server;
(解释:不管主机解析成什么样的域名,全都走这个默认虚拟主机。)
改动二:
将root /usr/local/nginx/html;改成/tmp/1233(这个1233目录根据公司情况自定义);并在下一行写入deny all;
即:root /tmp/1233;
deny all;
(解释:为了限制,我们应该把第一个默认虚拟主机搞成403。)
改动三:删除下面关于php解析的一整段(用不着了)。
改动完成,如下所示:
server
{
listen 80 default_server;
server_name localhost;
index index.html index.htm index.php;
root /tmp/1233;
deny all;
}
创建有关于上述改动中的“目录”
[root@LnmpLinux vhosts]# mkdir /tmp/1233
检查有无错误
[root@LnmpLinux vhosts]# /usr/local/nginx/sbin/nginx -t
重加载
[root@LnmpLinux vhosts]# /etc/init.d/nginx reload
实验:
[root@LnmpLinux vhosts]# curl -x127.0.0.1:80 www.777.com
<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.6.3</center>
</body>
</html>
说明:不管什么域名,只要指向过来访问,都是403
本文转自 听丶飞鸟说 51CTO博客,原文链接:http://blog.51cto.com/286577399/1683378