如果您想了解Ubuntu14.04+nginx+php+mysql+phpmyadmin环境搭建，详细操作和ubuntu搭建nginx服务器教程的知识，那么本篇文章将是您的不二之选。我们将深入剖析Ub

如果您想了解Ubuntu 14.04 + nginx + php + mysql + phpmyadmin环境搭建，详细操作和ubuntu搭建nginx服务器教程的知识，那么本篇文章将是您的不二之选。我们将深入剖析Ubuntu 14.04 + nginx + php + mysql + phpmyadmin环境搭建，详细操作的各个方面，并为您解答ubuntu搭建nginx服务器教程的疑在这篇文章中，我们将为您介绍Ubuntu 14.04 + nginx + php + mysql + phpmyadmin环境搭建，详细操作的相关知识，同时也会详细的解释ubuntu搭建nginx服务器教程的运用方法，并给出实际的案例分析，希望能帮助到您！

• Ubuntu 14.04 + nginx + php + mysql + phpmyadmin环境搭建，详细操作（ubuntu搭建nginx服务器教程）
• 12.13 Nginx 防盗链 12.14 Nginx 访问控制 12.15 Nginx 解析 php 相关配置 12.16 Nginx 代理
• 6 月 11 日任务 Nginx 防盗链、Nginx 访问控制、Nginx 解析 php 相关配置、Nginx 代理
• install nginx on ubuntu install ubuntu usb install ubuntu 14.04 ubuntu install jd
• Linux Nginx安装以及可能出现错误 linux nginx php mysql linux nginx 301跳转 1 nginx 安

Ubuntu 14.04 + nginx + php + mysql + phpmyadmin环境搭建，详细操作（ubuntu搭建nginx服务器教程）

版本：Ubuntu 14.04             nginx-1.12.2               mysql-5.6             php-5.6

1、安装nginx-1.12.2

1）依赖安装

sudo apt-get install openssl libssl-dev

sudo apt-get install libpcre3 libpcre3-dev

sudo apt-get install zlib1g-dev

2）添加用户

sudo useradd www

3）下载http://nginx.org/download/nginx-1.12.2.tar.gz 并解压

进入nginx-1.12.2所在目录，比如/home/cky

cd /home/cky

解压

tar xzf nginx-1.12.2.tar.gz

4）进入相应目录并编译

cd  nginx-1.12.2


./configure \

--prefix=/usr/local/nginx \

--user=www \

--group=www \

--with-http_stub_status_module \

--with-http_ssl_module

5）安装

sudo make install

6）复制nginx到bin目录下，方便使用

sudo cp /usr/local/nginx/sbin/nginx  /usr/bin/

7）启动

sudo nginx

8）其他常用操作

关闭nginx

sudo ginx -s stop

重读nginx配置文件

sudo nginx -s reload

9）测试，浏览器输入http://127.0.0.1弹出Welcome to nginx!即表示安装成功

2、安装php-fpm

sudo add-apt-repository  ppa:ondrej/php
sudo apt-get -y update

sudo  apt-get  install  php5.6-fpm

 其他扩展

sudo   apt-get   install  php5.6-curl
sudo   apt-get   install  php5.6-xml

3、修改nginx配置文件以支持 PHP

#打开配置文件  

sudo  vi  /usr/local/nginx/conf/nginx.conf

按键盘a进入编辑模式

更改内容1，第43行左右

location / {

            root   html;

            index  index.html index.htm;

        }

更改为：

location / {

            root   /www/wwwroot;
            index  index.html index.htm index.php;
　　　　　　　if (!-e $request_filename){
               #地址作为将参数rewrite到index.php上。tp框架接收s参数为controller和action，不少框架都利用这种方式来实现伪pathinfo模式（pathinfo为php功能，nginx并不支持）
               rewrite ^/(.*)$ /index.php?s=$1 last;
               break;
           }
        }

#上面的正则能解决不带xx.php的，这条正则是为了rewrite url中带index.php/admin/admin/login这种，思路是一样的，将index.php后的字符串当成参>数
location ~ /.*\.php/ {
           rewrite ^(.*?/?)(.*\.php)(.*)$ /$2?s=$3 last;
           break;
        }

更改内容2，第65行左右

        #location ~ \.php$ {

        #    root           html;

        #    fastcgi_pass   127.0.0.1:9000;

        #    fastcgi_index  index.php;

        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;

        #    include        fastcgi_params;

        #}

更改为：

location ~ \.php$ {

            root           /www/wwwroot/;

            fastcgi_pass   127.0.0.1:9000;

            fastcgi_index  index.php;

            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;

            include        fastcgi_params;

        }

按ESC键退了插入模式，并保存退出

:wq

4、修改php配置文件

1）修改php5-fpm属组与监听端口，在 PHP 5.4 之后，php5-fpm并不是监听 9000 端口

sudo vi /etc/php/5.6/fpm/pool.d/www.conf

php5-fpm属组：

;user = www-data

;group = www-data

改为

user = www

group = www

更改监听端口：

;listen = /var/run/php5.6-fpm.sock

改为

listen = 127.0.0.1:9000

2）配置php-fpm

sudo  vi  /etc/php/5.6/fpm/php.ini

768行，将

;cgi.fix_pathinfo=1

改为(还要去掉分号)

cgi.fix_pathinfo=0

保存退出

5、安装mysql数据库

1）安装 mysql-client-core-5.6

sudo apt-get install mysql-client-core-5.6

2）安装 mysql-client-5.6

sudo apt-get install mysql-client-5.6

3）安装 mysql-server-5.6

sudo apt-get install mysql-server-5.6

安装过程中要设置root用户的密码

 4）mysql相关操作

查看mysql进程是否运行

ps -ef | grep mysql

查看msyql 监听端口

netstat -tap | grep mysql

msyql服务停止

sudo service mysql stop

Mysql 服务启动

sudo service mysql start

Mysql 服务重启

sudo service mysql restart

5）设置Mysql 服务远程访问

sudo vi /etc/mysql/my.cnf

47行改为

#bind-address           = 127.0.0.1

重启msyql

sudo service mysql restart

修改访问权限

进入mysql,输入如下命令，输入密码，进入mysql命令行

mysql -u root -p

授权root用户访问权限，并刷新权限，此处的root可用其它MySQL用户替换，pwd部分需替换为该用户对应的密码

grant all privileges on *.* to root@"%" identified by "pwd" with grant option;


flush privileges;

exit;

重启mysql服务

sudo service mysql restart

6、数据库中存储中文时出现乱码

1）进入mysql命令行，查看mysql 服务端编码

status

发现是latin1的编码方式非utf8，需要修改为 utf8编码方式

2）退出mysql命令行并修改配置文件

sudo vi /etc/mysql/my.cnf

在[client]下追加

default-character-set = utf8 

在[mysqld]下追加

character-set-server = utf8

修改后如下

[mysqld]

#

# * Basic Settings

#

user            = mysql

pid-file        = /var/run/mysqld/mysqld.pid

socket          = /var/run/mysqld/mysqld.sock

port            = 3306

basedir         = /usr

datadir         = /var/lib/mysql

tmpdir          = /tmp

lc-messages-dir = /usr/share/mysql

character-set-server = utf8

skip-external-locking

在[mysql]下追加

default-character-set = utf8

保存退出，重启mysql服务器

sudo service mysql restart

再次查看mysql服务端的编码方式

进入mysql的命令行再次输入：

status

 确认latin1等的编码已改为utf8

 7、安装phpmyadmin

1）安装mysqli扩展

sudo  apt-get  install php5.6-mysql

将phpmyadmin安装下载，并解压到/usr/local/phpmyadmin/目录

2）在解压文件中复制config.sample.inc.php为config.inc.php，按服务器中mysql的情形进行配置；

3）创建存放log的文件，路径

sudo touch /var/log/phpmyadmin-nginx.log

4）在nginx的安装目录/usr/local/nginx/conf目录下，创建nginx集成phpmyadmin的配置文件phpmyadmin.conf：

server {
    listen 888;
    server_name  localhost;
    access_log   /var/log/phpmyadmin-nginx.log; 
    set          $php_upstream ''127.0.0.1:9000'';

    location / {
        root     /usr/local/phpmyadmin;
        index    index.php;
    }

    location ~ \.php$ {
        root           /usr/local/phpmyadmin;
        fastcgi_pass   $php_upstream;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }

    location ~ /\.ht {
        deny  all;
    }
}

5）在nginx的配置文件/usr/local/nginx/conf/nginx.conf中包含phpmyadmin的配置文件:

include /usr/local/nginx/conf/phpmyadmin.conf;

6）重启nginx即可

7）访问http://127.0.0.1:888

12.13 Nginx 防盗链 12.14 Nginx 访问控制 12.15 Nginx 解析 php 相关配置 12.16 Nginx 代理

12.13 Nginx 防盗链

因为该配置也使用 location 板块，所以本节可结合日志管理（不记录和过期时间）一起配置：

[root@cham002 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf 

location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)$
{
    expires 7d;
    valid_referers none blocked server_names  *.test.com ;
#定义referer白名单
    if ($invalid_referer) {
        return 403;
#if函数的意思是：如果不是白名单内的域名，返回值：403
    }
    access_log off;
}

说明： “location ~* ^.+” 在此 0“ * ” 的作用是后面匹配的内容不区分大小写。

检测及测试

[root@cham002 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@cham002 ~]# /usr/local/nginx/sbin/nginx -s reload
[root@cham002 ~]# ls /data/wwwroot/test.com/
1.gif  2.js  admin  index.html
[root@cham002 ~]# curl -e "http://www.baidu.com/1.txt" -x127.0.0.1:80 -I test.com/1.gif
HTTP/1.1 403 Forbidden
Server: nginx/1.12.1
Date: Wed, 03 Jan 2018 13:54:39 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive

[root@cham002 ~]# curl -e "http://www.test.com/1.txt" -x127.0.0.1:80 -I test.com/1.gif
HTTP/1.1 200 OK
Server: nginx/1.12.1
Date: Wed, 03 Jan 2018 13:55:14 GMT
Content-Type: image/gif
Content-Length: 32
Last-Modified: Wed, 03 Jan 2018 13:34:18 GMT
Connection: keep-alive
ETag: "5a4cdbda-20"
Expires: Wed, 10 Jan 2018 13:55:14 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

即，使用非白名单内的 referer 进行访问，被拒绝！！！

12.14 Nginx 访问控制

需求：访问 /admin/ 目录的请求，只允许几个指定 IP 通过，配置如下：

[root@cham002 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf 
server
{
    listen 80;
    server_name test.com test2.com test3.com;
    index index.html index.htm index.php;
    root /data/wwwroot/test.com;
    if ($host != ''test.com'' ) {
        rewrite  ^/(.*)$  http://test.com/$1  permanent;
    }
   # location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
   # {
   #       expires      7d;
   #       access_log off;
   # }
location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)$
{
    expires 7d;
    valid_referers none blocked server_names  *.test.com ;
    if ($invalid_referer) {
        return 403;
    }
    access_log off;
}


    location ~ .*\.(js|css)$
    {
          expires      12h;
          access_log off;
    }
    location /admin/
    {
       allow 127.0.0.1;
       allow 192.168.230.135;
       deny all;
#设置IP白名单
    }

    access_log /tmp/test.com.log cham;
}


[root@cham002 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

[root@cham002 ~]# /usr/local/nginx/sbin/nginx -s reload

测试 (针对目录的)

[root@cham002 ~]# curl -e "http://www.baidu.com/1.txt" -x127.0.0.1:80 -I test.com/admin/
HTTP/1.1 200 OK
Server: nginx/1.12.1
Date: Thu, 04 Jan 2018 07:59:16 GMT
Content-Type: text/html
Content-Length: 20
Last-Modified: Wed, 03 Jan 2018 08:50:53 GMT
Connection: keep-alive
ETag: "5a4c996d-14"
Accept-Ranges: bytes

[root@cham002 ~]# curl -x192.168.230.150:80 -I test.com/admin/
HTTP/1.1 200 OK
Server: nginx/1.12.1
Date: Thu, 04 Jan 2018 08:01:00 GMT
Content-Type: text/html
Content-Length: 20
Last-Modified: Wed, 03 Jan 2018 08:50:53 GMT
Connection: keep-alive
ETag: "5a4c996d-14"
Accept-Ranges: bytes

[root@cham002 ~]# curl -x192.168.230.135:80 -I test.com/admin/
HTTP/1.1 200 OK
Server: nginx/1.12.1
Date: Thu, 04 Jan 2018 08:01:14 GMT
Content-Type: text/html
Content-Length: 20
Last-Modified: Wed, 03 Jan 2018 08:50:53 GMT
Connection: keep-alive
ETag: "5a4c996d-14"
Accept-Ranges: bytes

[root@cham002 ~]# cat /tmp/test.com.log
127.0.0.1 - [03/Jan/2018:21:35:36 +0800] test.com "/index.html" 200 "-" "curl/7.29.0"
127.0.0.1 - [04/Jan/2018:15:59:16 +0800] test.com "/admin/" 200 "http://www.baidu.com/1.txt" "curl/7.29.0"
192.168.230.135 - [04/Jan/2018:16:01:00 +0800] test.com "/admin/" 200 "-" "curl/7.29.0"
192.168.230.135 - [04/Jan/2018:16:01:14 +0800] test.com "/admin/" 200 "-" "curl/7.29.0"
[root@cham002 ~]# curl -x192.168.230.150:80 -I test.com/admin/
HTTP/1.1 200 OK
Server: nginx/1.12.1
Date: Thu, 04 Jan 2018 08:01:37 GMT
Content-Type: text/html
Content-Length: 20
Last-Modified: Wed, 03 Jan 2018 08:50:53 GMT
Connection: keep-alive
ETag: "5a4c996d-14"
Accept-Ranges: bytes

[root@cham002 ~]# cat /tmp/test.com.log
127.0.0.1 - [03/Jan/2018:21:35:36 +0800] test.com "/index.html" 200 "-" "curl/7.29.0"
127.0.0.1 - [04/Jan/2018:15:59:16 +0800] test.com "/admin/" 200 "http://www.baidu.com/1.txt" "curl/7.29.0"
192.168.230.135 - [04/Jan/2018:16:01:00 +0800] test.com "/admin/" 200 "-" "curl/7.29.0"
192.168.230.135 - [04/Jan/2018:16:01:14 +0800] test.com "/admin/" 200 "-" "curl/7.29.0"
192.168.230.135 - [04/Jan/2018:16:01:37 +0800] test.com "/admin/" 200 "-" "curl/7.29.0"

[root@cham002 ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.230.135  netmask 255.255.255.0  broadcast 192.168.230.255
        inet6 fe80::6f15:52d3:ebeb:e193  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:b6:9f:e3  txqueuelen 1000  (Ethernet)
        RX packets 96831  bytes 41894507 (39.9 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 60974  bytes 20136998 (19.2 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens33:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.230.150  netmask 255.255.255.0  broadcast 192.168.230.255
        ether 00:0c:29:b6:9f:e3  txqueuelen 1000  (Ethernet)

ens37: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.100.1  netmask 255.255.255.0  broadcast 192.168.100.255
        inet6 fe80::1801:cbbb:ebcc:89a3  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:b6:9f:ed  txqueuelen 1000  (Ethernet)
        RX packets 3  bytes 746 (746.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 81  bytes 6462 (6.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 1363  bytes 1359483 (1.2 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1363  bytes 1359483 (1.2 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@cham002 ~]# curl -x192.168.100.1:80 test.com/admin/
<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>

[root@cham002 ~]# cat /tmp/test.com.log
127.0.0.1 - [03/Jan/2018:21:35:36 +0800] test.com "/index.html" 200 "-" "curl/7.29.0"
127.0.0.1 - [04/Jan/2018:15:59:16 +0800] test.com "/admin/" 200 "http://www.baidu.com/1.txt" "curl/7.29.0"
192.168.230.135 - [04/Jan/2018:16:01:00 +0800] test.com "/admin/" 200 "-" "curl/7.29.0"
192.168.230.135 - [04/Jan/2018:16:01:14 +0800] test.com "/admin/" 200 "-" "curl/7.29.0"
192.168.230.135 - [04/Jan/2018:16:01:37 +0800] test.com "/admin/" 200 "-" "curl/7.29.0"
192.168.100.1 - [04/Jan/2018:16:05:14 +0800] test.com "/admin/" 403 "-" "curl/7.29.0

访问控制（针对正则匹配）

[root@cham002 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf 
server
{
    listen 80;
    server_name test.com test2.com test3.com;
    index index.html index.htm index.php;
    root /data/wwwroot/test.com;
    if ($host != ''test.com'' ) {
        rewrite  ^/(.*)$  http://test.com/$1  permanent;
    }
   # location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
   # {
   #       expires      7d;
   #       access_log off;
   # }
location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)$
{
    expires 7d;
    valid_referers none blocked server_names  *.test.com ;
    if ($invalid_referer) {
        return 403;
    }
    access_log off;
}


    location ~ .*\.(js|css)$
    {
          expires      12h;
          access_log off;
    }
    location /admin/
    {
       allow 127.0.0.1;
       allow 192.168.230.135;
       deny all;
    }

    location ~ .*(upload|image)/.*\.php$
    {
        deny all;
    }


    access_log /tmp/test.com.log cham;
}

[root@cham002 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@cham002 ~]# /usr/local/nginx/sbin/nginx -s reload
[root@cham002 ~]# mkdir /data/wwwroot/test.com/upload
[root@cham002 ~]# echo "11111" > /data/wwwroot/test.com/upload/1.php

测试

[root@cham002 ~]# curl -x127.0.0.1:80 test.com/upload/1.php
<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>


[root@cham002 ~]# curl -x127.0.0.1:80 test.com/upload/1.txt
11111
看日志
[root@cham002 ~]# cat /tmp/test.com.log
127.0.0.1 - [03/Jan/2018:21:35:36 +0800] test.com "/index.html" 200 "-" "curl/7.29.0"
127.0.0.1 - [04/Jan/2018:15:59:16 +0800] test.com "/admin/" 200 "http://www.baidu.com/1.txt" "curl/7.29.0"
192.168.230.135 - [04/Jan/2018:16:01:00 +0800] test.com "/admin/" 200 "-" "curl/7.29.0"
192.168.230.135 - [04/Jan/2018:16:01:14 +0800] test.com "/admin/" 200 "-" "curl/7.29.0"
192.168.230.135 - [04/Jan/2018:16:01:37 +0800] test.com "/admin/" 200 "-" "curl/7.29.0"
192.168.100.1 - [04/Jan/2018:16:05:14 +0800] test.com "/admin/" 403 "-" "curl/7.29.0"
127.0.0.1 - [04/Jan/2018:16:15:46 +0800] test.com "/upload/1.php" 403 "-" "curl/7.29.0"
127.0.0.1 - [04/Jan/2018:16:16:46 +0800] test.com "/upload/1.txt" 200 "-" "curl/7.29.0"

针对 user_agent 限制

server
{
    listen 80;
    server_name test.com test2.com test3.com;
    index index.html index.htm index.php;
    root /data/wwwroot/test.com;
    if ($host != ''test.com'' ) {
        rewrite  ^/(.*)$  http://test.com/$1  permanent;
    }
   # location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
   # {
   #       expires      7d;
   #       access_log off;
   # }
location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)$
{
    expires 7d;
    valid_referers none blocked server_names  *.test.com ;
    if ($invalid_referer) {
        return 403;
    }
    access_log off;
}


    location ~ .*\.(js|css)$
    {
          expires      12h;
          access_log off;
    }
    location /admin/
    {
       allow 127.0.0.1;
       allow 192.168.230.135;
       deny all;
    }

    location ~ .*(upload|image)/.*\.php$
    {
        deny all;
    }
    
    if ($http_user_agent ~ ''Spider/3.0|YoudaoBot|Tomato'')
    {
      return 403;
    }



    access_log /tmp/test.com.log cham;
}
[root@cham002 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@cham002 ~]# /usr/local/nginx/sbin/nginx -s reload
[root@cham002 ~]# curl -x127.0.0.1:80 test.com/upload/1.txt -I
HTTP/1.1 200 OK
Server: nginx/1.12.1
Date: Thu, 04 Jan 2018 08:22:45 GMT
Content-Type: text/plain
Content-Length: 6
Last-Modified: Thu, 04 Jan 2018 08:16:39 GMT
Connection: keep-alive
ETag: "5a4de2e7-6"
Accept-Ranges: bytes

[root@cham002 ~]# curl -A "Tomatodsfsdf" -x127.0.0.1:80 test.com/upload/1.txt -I
HTTP/1.1 403 Forbidden
Server: nginx/1.12.1
Date: Thu, 04 Jan 2018 08:23:37 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive

说明: deny all 和 return 403 效果一样

12.15 Nginx 解析 PHP 相关配置

核心配置：
[root@cham002 ~]# vim /usr/local/nginx/conf/vhost/test.com.conf 

 location ~ \.php$
    {
        include fastcgi_params;
        #fastcgi_pass unix:/tmp/php-fcgi.sock;
        fastcgi_pass 127.0.0.1:9000;
##fastcgi_pass两种监听格式，但是要保证Nginx和php-fpm中格式一致
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME /data/wwwroot/test.com$fastcgi_script_name;
    }

[root@cham002 ~]# cat /usr/local/php-fpm/etc/php-fpm.conf
[global]
pid = /usr/local/php-fpm/var/run/php-fpm.pid
error_log = /usr/local/php-fpm/var/log/php-fpm.log
[www]
#listen = /tmp/php-fcgi.sock
listen = 127.0.0.1:9000
listen.mode = 666
user = php-fpm
group = php-fpm
pm = dynamic
pm.max_children = 50
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
rlimit_files = 1024

[root@cham002 ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@cham002 ~]# /usr/local/nginx/sbin/nginx -s reload
[root@cham002 ~]# /etc/init.d/php-fpm reload
Reload service php-fpm  done

[root@cham002 ~]# curl -x 127.0.0.1:80 test.com/3.php -I
HTTP/1.1 200 OK
Server: nginx/1.12.1
Date: Thu, 04 Jan 2018 10:44:25 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.6.30

注： 在此注意两点，fastcgi_pass 有两种格式，但是无论使用哪种格式都有保证 Nginx 和 php-fpm 中格式一致，否则会报错 502；fastcgi _param SCRIPT _FILENAME 所在行的路径要和 root 路径一致！

12.16 Nginx 代理

Nginx 代理是一种反向代理。反向代理（Reverse Proxy）方式是指以代理服务器来接受 Internet 上的连接请求，然后将请求转发给内部网络上的服务器；并将从服务器上得到的结果返回给 Internet 上请求连接的客户端，此时代理服务器对外就表现为一个服务器。

工作原理

Nginx 代理是在一台代理服务器中自定义一个域名，该域名指向一个 IP，然后将用户的请求通过这台代理服务器访问指定的 IP 所对应的 web 服务器。

graph LR
用户-->代理服务器
代理服务器-->用户
代理服务器-->web服务器
web服务器-->代理服务器

[root@cham002 ~]# cd /usr/local/nginx/conf/vhost
[root@cham002 vhost]# vim proxy.conf 

server
{
    listen 80;
    server_name ask.apelearn.com;
 #定义域名（一般和被代理ip的域名保持一致）

    location /
    {
        proxy_pass      http://121.201.9.155/;
#指定被代理（被访问）的IP（web服务器IP）
        proxy_set_header Host   $host;
#$host指的是代理服务器的servername（也是被代理IP的域名）
        proxy_set_header X-Real-IP      $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

说明： 因为该虚拟主机只用作代理服务器，不需要访问本地文件，所以不需要设置根目录。

没有设置代理前
[root@cham002 vhost]# curl -x127.0.0.1:80 ask.apelearn.com/robots.txt
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>
[root@cham002 vhost]# 

[root@cham002 vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

[root@cham002 vhost]# /usr/local/nginx/sbin/nginx -s reload
设置代理后
[root@cham002 vhost]# curl -x127.0.0.1:80 ask.apelearn.com/robots.txt
#
# robots.txt for MiWen
#

User-agent: *

Disallow: /?/admin/
Disallow: /?/people/
Disallow: /?/question/
Disallow: /account/
Disallow: /app/
Disallow: /cache/
Disallow: /install/
Disallow: /models/
Disallow: /crond/run/
Disallow: /search/
Disallow: /static/
Disallow: /setting/
Disallow: /system/
Disallow: /tmp/
Disallow: /themes/
Disallow: /uploads/
Disallow: /url-*
Disallow: /views/
Disallow: /*/ajax/[root@cham002 vhost]# 

6 月 11 日任务 Nginx 防盗链、Nginx 访问控制、Nginx 解析 php 相关配置、Nginx 代理

12.13 Nginx 防盗链

修改配置文件

location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)$
{
expires 7d;
valid_referers none blocked server_names  *.abc.com ;
if ($invalid_referer) {
return 403;
}
access_log off;
}

测试: 

curl -e "http://www.abc.com/" -x127.0.0.1:80 -I abc.com/1.jpg

12.14 Nginx 访问控制

修改配置文件  

#按目录匹配

location /
{
allow 127.0.0.1;
deny all;
}

#可以匹配正则

location ~ .*(upload|image)/.*\.php$     

{

        deny all;

}

#根据 user_agent 限制

if ($http_user_agent ~* ''Spider/3.0|YoudaoBot|Tomato'')   // 匹配符号后面 +* 忽略大小写

{

      return 403;

}

 deny all 和 return 403 效果一样

12.15 Nginx 解析 php 相关配置

location ~ \.php$
{
fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include     fastcgi_params;

fastcgi_pass 配置对应的参数  是 sock  还是 ip  否则 502 错误

listen.mode = 666     监听 sock 不定义 mode sock 文件权限 440  

12.16 Nginx 代理

1. 新建配置文件  proxy.conf

server
{
    listen 80;
    server_name 111.com;      // 本机域名
    location /
    {
        proxy_pass      http://106.39.167.118:80/;     // 目标服务器
        proxy_set_header Host   $host;
        proxy_set_header X-Real-IP      $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

install nginx on ubuntu install ubuntu usb install ubuntu 14.04 ubuntu install jd

Linux Nginx安装以及可能出现错误 linux nginx php mysql linux nginx 301跳转 1 nginx 安

关于Ubuntu 14.04 + nginx + php + mysql + phpmyadmin环境搭建，详细操作和ubuntu搭建nginx服务器教程的介绍现已完结，谢谢您的耐心阅读，如果想了解更多关于12.13 Nginx 防盗链 12.14 Nginx 访问控制 12.15 Nginx 解析 php 相关配置 12.16 Nginx 代理、6 月 11 日任务 Nginx 防盗链、Nginx 访问控制、Nginx 解析 php 相关配置、Nginx 代理、install nginx on ubuntu install ubuntu usb install ubuntu 14.04 ubuntu install jd、Linux Nginx安装以及可能出现错误 linux nginx php mysql linux nginx 301跳转 1 nginx 安的相关知识，请在本站寻找。