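12.13 Nginx anti-hotlinking
12.14 Nginx access control
12.15 Nginx PHP parsing configuration
12.16 Nginx proxy

Further reading
Summary of 502 problems: http://ask.apelearn.com/question/9109
location priority: http://blog.lishiming.net/?p=100

12.13 Nginx anti-hotlinking

Anti-hotlinking rejects requests for resources that do not originate from this site, so the server is not made to answer on behalf of other websites.

```
[root@axiang-02 ~]# cd /usr/local/nginx/
[root@axiang-02 nginx]# vim conf/vhost/ccc.conf
```

```
# ~* matches case-insensitively; ^.+ matches any characters
location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)$
{
    expires 7d;
    # whitelist; a Referer that does not match gets 403
    valid_referers none blocked server_names *.ccc.com;
    if ($invalid_referer) {
        return 403;
    }
    access_log off;
}
```

This can also be combined with the earlier configuration. When several location blocks are defined, mind their priority (see the further reading above).

Test

```
[root@axiang-02 vhost]# curl -x127.0.0.1:80 ccc.com/1.gif
asfoawnfnasxojfan
[root@axiang-02 vhost]# curl -e http://www.baidu.com/1.txt -x127.0.0.1:80 ccc.com/1.gif
<head><title>403 Forbidden</title></head>
```

-e sets the Referer, and it must be in "http://..." form: a value without the http:// or https:// prefix counts as `blocked`, which this whitelist allows. The first request succeeds because `none` allows requests that carry no Referer at all. The 403 shows that anti-hotlinking is working. Because the Referer is supplied by the client, as -e shows, this check deters hotlinking but does not restrict who can fetch the file.

12.14 Nginx access control

If requests from a particular IP do not look like human behaviour, access control can be used to refuse to serve it. Access control can also be used to create site resources that only internal IPs may access.

Requirement: requests to the /admin/ directory should only be allowed from a few specific IPs. The configuration is as follows.

Directory access control

```
location /kongzhi/
{
    allow 127.0.0.1;
    deny all;
}
```

```
mkdir kongzhi
```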
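```
vim kongzhi/1.php
echo "test,test" > /data/wwwroot/ccc.com/kongzhi/2.html
/usr/local/nginx/sbin/nginx -t
/usr/local/nginx/sbin/nginx -s reload
curl -x127.0.0.1:80 ccc.com/kongzhi/2.html -I
curl -x192.168.83.138:80 ccc.com/kongzhi/2.html -I
HTTP/1.1 403 Forbidden
[root@axiang-02 nginx]# curl -x127.0.0.1 ccc.com/kongzhi/2.html -I
curl: (7) Failed connect to 127.0.0.1:1080; 拒绝连接
# leaving out the port does not work either
[root@axiang-02 nginx]# curl -x127.0.0.1:80 ccc.com/kongzhi/2.html -I
HTTP/1.1 200 OK
```

Page access control

A regular expression can be used to restrict PHP files under directories whose names contain certain strings. Requests can also be restricted by user agent.

```
server
{
    listen 80;
    server_name aaa.com;
    index index.html index.htm index.php;
    root /data/wwwroot/aaa.com;

    # matches PHP files under directories whose path contains "upload" or "image"
    location ~ .*(upload|image)/.*\.php$
    {
        deny all;
    }

    # refuse requests whose agent matches Spider/3.0|YoudaoBot|Tomato
    if ($http_user_agent ~ Spider/3.0|YoudaoBot|Tomato)
    {
        return 403;
    }
}
```

deny all and return 403 have the same effect. Using ~* as the match operator makes the match case-insensitive.

12.15 Nginx PHP parsing configuration

Earlier, the server block containing the PHP parsing code was removed from the main configuration file. After switching to include, that code has to be added back to each virtual host.

```
[root@axiang-02 php-fpm]# cd /usr/local/nginx/conf/vhost/
```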
```
[root@axiang-02 vhost]# ls
aaa.conf  bbb.conf  ccc.conf  ld.conf  proxy.conf  ssl.conf
[root@axiang-02 vhost]# vi aaa.conf
[root@axiang-02 vhost]# cat aaa.conf
server
{
    listen 80;
    server_name aaa.com;
    index index.html index.htm index.php;
    root /data/wwwroot/aaa.com;

    location ~ .*(upload|image)/.*\.php$
    {
        allow 127.0.0.1;
        allow 192.168.83.1;
        deny all;
    }

    if ($http_user_agent ~* Spider/3.0|YoudaoBot|Tomato)
    {
        return 403;
    }

    # core PHP parsing configuration
    location ~ \.php$
    {
        include fastcgi_params;
        # this must point at the correct socket
        fastcgi_pass unix:/tmp/php-fcgi.sock;
        # an ip:port listener also works; it is not for talking to the outside network and only listens locally
        #fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME /data/wwwroot/aaa.com$fastcgi_script_name;
    }
}
```

Test

```
[root@axiang-02 vhost]# /usr/local/nginx/sbin/nginx -s reload
```
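```
[root@axiang-02 vhost]# curl -x127.0.0.1:80 aaa.com/aaa/aaa.php
this is aaa.com
[root@axiang-02 vhost]# curl -x127.0.0.1:80 aaa.com/reupload/aaa.php
<?php echo "this is aaa.com"; ?>
```

In the access-controlled directory, PHP is still not parsed even when the request is allowed through. /reupload/aaa.php is handled by the (upload|image) location because the pattern only needs "upload/" somewhere in the path, and that location has no fastcgi_pass, so nginx returns the file as static text and the allowed client sees the PHP source.

Sock listening error

```
[root@axiang-02 vhost]# vim aaa.conf
```

Deliberately misspell fcgi as cgi, then test again.

```
[root@axiang-02 vhost]# /usr/local/nginx/sbin/nginx -s reload
[root@axiang-02 vhost]# curl -x127.0.0.1:80 aaa.com/aaa/aaa.php
<head><title>502 Bad Gateway</title></head>
```

A 502 Bad Gateway appears. Check the error log; its location is defined in the main configuration file (note that the file is nginx_error.log). Changing the log level to debug gives more detail.

```
[root@axiang-02 vhost]# vi /usr/local/nginx/conf/nginx.conf
[root@axiang-02 vhost]# tail /usr/local/nginx/logs/nginx_error.log
2017/08/09 17:40:37 [crit] 2966#0: *31 connect() to unix:/tmp/php-cgi.sock failed (2: No such file or directory) while connecting to upstream, client: 127.0.0.1, server: aaa.com, request: "GET HTTP://aaa.com/aaa/aaa.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-cgi.sock:", host: "aaa.com"
```

The message says that php-cgi.sock does not exist: nginx and php-fpm must point at the same, correct sock file in order to talk to each other.

```
[root@axiang-02 vhost]# ls /usr/local/php-fpm/etc/php-fpm.d/
```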
```
axiang.conf  www.conf
[root@axiang-02 vhost]# cat !$www.conf
cat /usr/local/php-fpm/etc/php-fpm.d/www.conf
[www]
listen = /tmp/php-fcgi.sock
#listen = 127.0.0.1:9000
listen.mode = 666
```

listen.mode = 666 lets every local user connect to the socket; setting listen.owner and listen.group to the nginx worker account with mode 660 is tighter.

IP and port listening

Change the pool to listen on an IP and port instead.

```
[root@axiang-02 vhost]# vim /usr/local/php-fpm/etc/php-fpm.d/www.conf
[www]
#listen = /tmp/php-fcgi.sock
listen = 127.0.0.1:9000
listen.mode = 666
[root@axiang-02 vhost]# /usr/local/php-fpm/sbin/php-fpm -t
[root@axiang-02 vhost]# /etc/init.d/php-fpm reload
[root@axiang-02 vhost]# netstat -lntp    # check port 9000
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      3018/php-fpm: maste
[root@axiang-02 vhost]# vi aaa.conf
```

```
location ~ \.php$
{
    include fastcgi_params;
    #fastcgi_pass unix:/tmp/php-fcgi.sock;
    # the virtual host configuration selects the listener type: sock or ip:port
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME /data/wwwroot/aaa.com$fastcgi_script_name;
}
```

```
[root@axiang-02 vhost]# /usr/local/nginx/sbin/nginx -s reload
[root@axiang-02 vhost]# curl -x127.0.0.1:80 aaa.com/aaa/aaa.php
this is aaa.com
```

Note the root directory in the parsing parameter: /data/wwwroot/aaa.com$fastcgi_script_name;

Note which listener nginx connects to on the php-fpm side: vim /usr/local/php-fpm/etc/php-fpm.d/www.conf

If a PHP location with higher priority matches, the parameters in location ~ \.php$ do not take effect. For example, location ~ .*(upload|image)/.*\.php$ takes priority over location ~ \.php$ (both are regex locations, and nginx uses the first one in the file that matches), so curl -x127.0.0.1:80 aaa.com/reupload/aaa.php returns unparsed PHP: <?php echo "this is aaa.com"; ?>

12.16 Nginx proxy

When the servers on the two sides cannot reach each other directly, or access is very slow, a well-placed proxy server can act as the intermediate hop.

```
[root@axiang-02 vhost]# vim proxy.conf
```

Create a proxy virtual host with the following content:

```
server
{
    listen 80;
    server_name ask.apelearn.com;

    location /
    {
        # this presupposes that you know the right server to proxy to
        proxy_pass http://121.201.9.155/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}
```

```
[root@axiang-02 vhost]# /usr/local/nginx/sbin/nginx -t
[root@axiang-02 ~]# /usr/local/nginx/sbin/nginx -s reload
[root@axiang-02 ~]# curl -x127.0.0.1:80 ask.apelearn.com/robots.txt
#
# robots.txt for MiWen
#
User-agent: *
Disallow: /?/admin/
Disallow: /?/people/
Disallow: /?/question/
Disallow: /account/
Disallow: /app/
Disallow: /cache/
Disallow: /install/
Disallow: /models/
...
```

Reposted from: https://my.oschina.net/u/3579690/blog/1558953
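
The whitelist from section 12.13, modelled as an added example (not code from the original post or from nginx): a simplified Python version of how `valid_referers none blocked server_names *.ccc.com` sets `$invalid_referer`. It assumes ccc.conf declares `server_name ccc.com`, which the page does not show; the function and constant names are made up for the illustration.

```python
from fnmatch import fnmatchcase
from urllib.parse import urlsplit

# Assumption: ccc.conf declares `server_name ccc.com;` (not shown on the page).
SERVER_NAMES = ["ccc.com"]
EXTRA = ["*.ccc.com"]  # the wildcard entry from valid_referers


def invalid_referer(referer, none=True, blocked=True,
                    server_names=SERVER_NAMES, extra=EXTRA):
    """Simplified model of $invalid_referer: True means the request gets 403.

    referer is the header value, or None when the header is absent.
    Only host wildcards are modelled (no URI prefixes, no ~regex entries).
    """
    if referer is None:
        return not none        # `none`: the request has no Referer header
    if not referer.lower().startswith(("http://", "https://")):
        return not blocked     # `blocked`: a value without a scheme prefix
    # The port in the Referer is ignored when comparing host names.
    host = (urlsplit(referer).hostname or "").lower()
    if host in server_names:
        return False
    return not any(fnmatchcase(host, pattern) for pattern in extra)


if __name__ == "__main__":
    # Constructed Referer values, including the two requests tested above.
    for value in (None, "http://www.baidu.com/1.txt", "www.baidu.com/1.txt",
                  "http://www.ccc.com/index.html", "http://ccc.com:80/",
                  "http://ccc.com.example.net/"):
        print(repr(value), "->", 403 if invalid_referer(value) else 200)
```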
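
The 502 diagnosis from section 12.15, as an added example (not part of the original post): a Python triage of upstream connect() failures in nginx_error.log. The first sample line is the one shown above; the other two are constructed, and `diagnose` and `HINTS` are illustrative names.

```python
import re

# Sample lines in nginx error-log format. The first is the line from this
# page; the second and third are constructed variants for illustration.
SAMPLE_LOG = """\
2017/08/09 17:40:37 [crit] 2966#0: *31 connect() to unix:/tmp/php-cgi.sock failed (2: No such file or directory) while connecting to upstream, client: 127.0.0.1, server: aaa.com, request: "GET HTTP://aaa.com/aaa/aaa.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-cgi.sock:", host: "aaa.com"
2017/08/09 17:52:10 [crit] 2966#0: *40 connect() to unix:/tmp/php-fcgi.sock failed (13: Permission denied) while connecting to upstream, client: 127.0.0.1, server: aaa.com, request: "GET HTTP://aaa.com/aaa/aaa.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php-fcgi.sock:", host: "aaa.com"
2017/08/09 18:03:44 [error] 2966#0: *52 connect() failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: aaa.com, request: "GET HTTP://aaa.com/aaa/aaa.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "aaa.com"
"""

CONNECT_RE = re.compile(
    r"connect\(\)(?: to \S+)? failed \((?P<errno>\d+): (?P<msg>[^)]+)\)"
    r" while connecting to upstream.*?server: (?P<server>[^,]+),"
    r'.*?upstream: "(?P<upstream>[^"]+)"')

# errno -> what to compare between fastcgi_pass and the php-fpm pool file
HINTS = {
    2: "socket path does not exist; compare fastcgi_pass with `listen` in www.conf",
    13: "nginx worker cannot open the socket; check listen.mode/owner/group",
    111: "nothing listens on that address; check php-fpm is running and `listen`",
}


def diagnose(log_text):
    """Return one finding per upstream connect() failure in log_text."""
    findings = []
    for line in log_text.splitlines():
        m = CONNECT_RE.search(line)
        if not m:
            continue  # not an upstream connect() failure
        code = int(m["errno"])
        findings.append({
            "server": m["server"],
            "upstream": m["upstream"],
            "errno": code,
            # fall back to the raw OS message for codes without a hint
            "hint": HINTS.get(code, m["msg"]),
        })
    return findings


if __name__ == "__main__":
    for f in diagnose(SAMPLE_LOG):
        print(f["server"], f["upstream"], f["errno"], f["hint"], sep=" | ")
```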