Centos7.4 安装Nginx
2019-03-16 22:30
176 查看
前言
在Centos7默认仓库没有Nginx下载源,大家可通过Nginx官网下载源码包自行编译或者下载Nginx官方yum仓库进行安装。这里要示范的是通过yum源进行安装Nginx1.14.2。
官方安装指南:http://nginx.org/en/linux_packages.html
安装Nginx
下载Nginx的repo源
wget http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
将Nginx添加到系统的yum库
在使用nginx存储库时,默认情况下会选择nginx的最新稳定版本进行安装
rpm -ivh nginx-release-centos-7-0.el7.ngx.noarch.rpm
安装Nginx
yum -y install nginx
启动Nginx服务器
启动nginx服务
systemctl start nginx
检查其运行状态
systemctl status nginx
输出:
● nginx.service - nginx - high performance web server Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled) Active: active (running) since Sat 2019-03-16 21:08:16 CST; 15s ago Docs: http://nginx.org/en/docs/ Process: 2606 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=0/SUCCESS) Main PID: 2607 (nginx) CGroup: /system.slice/nginx.service ├─2607 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf └─2608 nginx: worker process 3月 16 21:08:16 bogon systemd[1]: Starting nginx - high performance web server... 3月 16 21:08:16 bogon systemd[1]: PID file /var/run/nginx.pid not readable (yet?) after start. 3月 16 21:08:16 bogon systemd[1]: Started nginx - high performance web server.
开机启动Nginx服务
systemctl enable nginx
如果您正在运行防火墙(firewalld),则还需要打开HTTP和HTTPS端口80和443:
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload
验证安装
要验证安装,在您所选择的浏览器中打开您的服务器IP地址,您将看到默认的Nginx欢迎页面,如下所示:
使用systemctl管理Nginx服务
我们可以像任何其他系统单元一样管理nginx服务。
要停止Nginx服务,请运行:
systemctl stop nginx
要再次启动,请键入:
systemctl start nginx
重新启动Nginx服务:
systemctl restart nginx
在进行一些配置更改后重新加载Nginx服务:
systemctl reload nginx
如果您想禁用Nginx服务以在启动时启动:
systemctl disable nginx
并重新启用它:
systemctl enable nginx
配置Nginx
Nginx配置文件路径位于:
/etc/nginx
nginx.conf
nginx配置文件位于:
/etc/nginx/nginx.conf
虚拟主机
关于虚拟主机项目配置文件,位于
/etc/nginx/conf.d目录,建议一个域名一个配置文件
虚拟主机配置文件规范:[域名].conf
虚拟主机配置文件范例:
server { listen 80; server_name [域名]; set $root [项目目录]; #charset koi8-r; #access_log /var/log/nginx/host.access.log main; location ~ \.php { root /; fastcgi_pass 127.0.0.1:9000; fastcgi_split_path_info ^((?U).+.php)(/?.+)$; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $root$fastcgi_script_name; include fastcgi_params; } location / { root $root; index index.html index.php; if ( -f $request_filename) { break; } if ( !-e $request_filename) { rewrite ^(.*)$ /index.php/$1 last; break; } } location ~ /\.ht { deny all; } }
安全配置
隐藏HTTP请求头web服务器信息
没作任何设置前,查看web服务器请求文件头:
Connection:Keep-Alive Date:Sat, 16 Mar 2019 14:18:04 GMT ETag:"18-583bffda946f5" Keep-Alive:timeout=5, max=100 Server:nginx/1.14.2
几乎把web服务器详细信息都暴露出来了,如果哪个版本的nginx和php爆出严重漏洞,会给攻击者提供最有攻击价值的安全信息,这是非常危险的。
在nginx的
nginx.conf配置文件的
http区段插入
server_tokens off;重新载入配置文件:
user nginx; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; #tcp_nopush on; keepalive_timeout 65; # 隐藏版本号 server_tokens off; #gzip on; include /etc/nginx/conf.d/*.conf; }
编辑php-fpm配置文件,打开
/etc/nginx/fastcgi_params文件
找到:
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
改为:
fastcgi_param SERVER_SOFTWARE nginx;
然后重启nginx服务:
systemctl restart nginx
再次发出请求:
Connection:keep-alive Content-Length:564 Content-Type:text/html Date:Sat, 16 Mar 2019 14:23:24 GMT Server:nginx
可以看到nginx版本号于已经没有了。
相关文章推荐
- CentOS7.4 编译安装 Nginx
- centos7.4安装Nginx
- CentOS 7.4 下安装Epel源和Nginx
- ###centos 7.4 安装nginx-1.10.3###
- centos7.4搭建lnmp ###编译安装 nginx1.12 php7.2 ###
- centos 7.4 yum 安装 nginx
- Centos7.4安装Nginx1.14.0
- [macOS] macOS下,VirtualBox安装CentOS7.4, 搭建nginx, mysql, PHP5.6&PHP7.1
- RedHat7.4或CentOS7.4安装Nginx1.14.2详细教程,含安装包及依赖包
- CentOS 7.4 源码安装 nginx 1.14
- centos7.4 源码安装 nginx
- Centos 7.4 安装Nginx
- Centos7.4安装Nginx及优化(一)
- 安装JDK、Tomcat、Mysql、Nginx(CentOS 7.4)
- Centos7.4 安装java开发环境(lnmt)Linux + Nginx+ MySQL+ Tomcat
- CentOS7.4 编译安装 Nginx
- CentOS-Nginx 安装
- CentOS 7编译安装Nginx1.9.0
- centos6.8服务器配置之编译安装PHP、配置nginx
- 编译安装LNMP Centos 6.5 x64 + Nginx1.6.0 + PHP5.5.13 + Mysql5.6.19