nginx配置只能域名访问，禁止ip访问

摘要: 这样配置之后被反向代理的tomcat也需要配置一下不能被ip访问

直接上配置

nginx.conf

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/ #   * Official Russian Documentation: http://nginx.org/ru/docs/ 
user              root;
worker_processes  1;

error_log  /opt/nginx/logs/error.log;
#error_log  /var/log/nginx/error.log  notice;
#error_log  /var/log/nginx/error.log  info;

pid        /var/run/nginx.pid;

events {
worker_connections  1024;
}

http {
include       /etc/nginx/mime.types;
default_type  application/octet-stream;

log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

access_log  /opt/nginx/logs/access.log  main;

sendfile        on;
#tcp_nopush     on;

#keepalive_timeout  0;
keepalive_timeout  65;

gzip         on;
gzip_min_length  1000;
gzip_buffers  4 8k;
gzip_http_version  1.1;
gzip_types  text/text text/plain text/xml text/css application/x-javascript application/javascript;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
#仅可通过域名访问，(具体的域名配置在default.conf的server中)不能通过ip访问
server {
listen 80 default;
server_name _;
return 404;
}
# Load config files from the /etc/nginx/conf.d directory
# The default server is in conf.d/default.conf
include /etc/nginx/conf.d/*.conf;

}

/etc/nginx/conf.d/default.conf的配置

upstream fsmap-upstream {
#反向代理到你真实的tomcat的地址和端口
server 192.168.6.135:8080;
}

server {
listen 80;
#配置可以访问的域名
server_name zrzwjj.com www.zrzwjj.com;
location / {
proxy_pass http://fsmap-upstream; }

location ~ .*\.(css|js) {
proxy_pass http://fsmap-upstream; proxy_redirect off;
proxy_set_header Host $host;
proxy_cache cache_one;
proxy_cache_valid 200 302 1h;
proxy_cache_valid 301 6h;
proxy_cache_valid any 12h;
expires 1d;
}

error_page  404              /404.html;
location = /404.html {
root   /opt/nginx/html;
}

error_page   500 502 503 504  /50x.html;
location = /50x.html {
root   /opt/nginx/html;
}

}

配置完之后需要配置被指向的tomcat的地址，配置tomcat的server.xml文件，具体配置如下

<!-- 配置具体的域名访问 -->
<Host name="www.zrzwjj.com"  appBase="webapps"
unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
<Context path="" docBase="/opt/war/fs-map.war" />
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->

<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>

<!-- 当时用ip访问的时候，设置跳转到报错的网站，其网站部署路劲指向errorapps -->
<Host name="192.168.135.157"  appBase="errorapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false"/>