nginx专题

rewrite通过正则表达式的使用来改变URI,可以同时存在一个或者多个指令,按照顺序依次对URL进行匹配和处理(使用break可以依次处理,其它不可以)。

rewrite语法:rewrite regex replacement [falg];regex用于匹配URI的正则表达式。使用括号“()”标记想要截取的内容。
flag由以下几个选项:last,break,redirect,permanent

说明:
rewrite接收到的URI不包含host地址。因此regex不可能匹配到URI的host地址
例如URL:  http://myweb.com/source?arg1=value1&arg2=value2
rewrite指令接收到的URI为"/source“,不包含"?arg1=value1&arg2=value2"
replace,匹配成功后用于替换URI中被截取内容的字符串。默认情况下,如果该字符串是由”http://"或者"https://"开头的,则不会继续向下对URI进行其它处理,而直接将重写后的URI返回给客户端。

rewrite模块接收到的URI不包含URL中的请求信息(queryString),如果我们希望将这些指令传给重写后的URI,需要怎么做呢?
Nginx全局变量$request_uri可以帮忙,
rewrite  myweb.com  http://example.com$request_uri? permanent;

几个名词解析:

$request_uri
This variable is equal to the *original* request URI as received from the client including the args. 
It cannot be modified. Look at $uri for the post-rewrite/altered URI. Does not include host name. 
Example: "/foo/bar.php?arg=baz"
这个变量等于从客户端发送来的原生请求URI,包括参数。它不可以进行修改。$uri变量反映的是重写后/改变的URI。不包括主机名。
例如:"/foo/bar.php?arg=baz"

$uri
This variable is the current request URI, without any arguments (see argsforthose).
This variable will reflect any modification sdonesofarbyinternalredirectsortheindexmodule.
Note this maybe different from args for those).
This variable will reflect any modificationsdones ofarbyinternalredirectsortheindexmodule.
Notethismaybedifferentfromrequest_uri, as $request_uri is what was originally sent by the browser before any such modifications. 
Does not include the protocol or host name. Example: /foo/bar.html
这个变量指当前的请求URI,不包括任何参数(见args)。这个变量反映任何内部重定向或index模块所做的修改。
注意,这和args)。这个变量反映任何内部重定向或index模块所做的修改。注意,这和request_uri不同,因$request_uri是浏览器发起的不做任何修改的原生URI。
不包括协议及主机名。例如:"/foo/bar.html"

$document_uri
The same as $uri.
同$uri.

 

处理query_string
(1)什么是query_string:
http://i.cnblogs.com/EditPosts.aspx?opt=1

上面链接中的?后面的opt=1就是query_string,即url中?后面的都是
(2)nginx中如何获取到上面的值。本例以query_string有一个key为例,多个就是多个正则引用$1,$2的区别而已
nginx中全局变量$args和$query_string中存放的数据就是请求的url中带的query_string
如何获取query_string中key对应的value呢,以上面的链接为例,就是key:opt 对应的value: 1

方法1:下面使用了permanent,因为使用last没有生效。那个大神给看看是什么原因
last没有生效的原因是:
last,终止继续在本location块中处理接收到的URI,并将此处重写的URI作为一个新的URI,使用各location块进行处理。
last标志将重写后的URI重新在server块中执行,为重写后的URI提供了转入到其它location块的机会
看到这时,是不是有的小伙伴已经发现一个bug,下面的是不是就死循环了:
location /myweb/{

  rewrite ^(/myweb/.*)/media/(.*)\..*$  myweb/$1/mp3/$2.mp3 last;

}
的确会出现死循环,
因为使用last,相当于一个新请求进来,再重新走一遍location。重写后的URI会被该location块重新匹配到
Nginx服务器遇到这种情况,会尝试10次循环之后返回错误状态代码500

rewrite中与last容易混淆的几个用来设置rewrite对URI处理行为的flag,也简单介绍一下:
break,将此处重写的URI作为一个新的URI,在本块中继续进行处理。该标志将重写后的地址在当前的location块中执行,不会将新的URI转向到其他location块
redirect,将重写后的URI返回给客户端,状态代码为302,指明是临时重定向URI,主要用在replacement变量不是以"http://"或"https://"开头的情况下
permanent,将重写后的URI返回给客户端,状态代码301,指明是永久重定向URI,

location /EditPosts.aspx {
            if ($args ~ opt=(\d+)){
	        set $opt $1;  #将截取到的opt对应的值$1赋值给变量$opt(变量必须以$开头,并且不能与nginx预设的全局变量同名)以备后用。
                rewrite  /(.*)\.aspx  /$1/$opt? permanent;   #最后的?很关键,表示正则结束,不然rewrite后的url会变成/EditPosts/1?opt=1
            }
 }

在正则表达式中可以,可以使用小括号对变量值进行截取,在花括号中使用$1...$9引用截取的值(注意,$后面的数字从1开始的哦)

方法2:

      location /EditPosts.aspx {
            if ($args ~ opt=(\d+)){
                rewrite  /(\w*)\.aspx  /$1/$arg_opt? permanent; #即$arg_query_string中key代表的字符串
            }
        }

 

log_format及nginx的部分预设全局变量的值:

    log_format  main '$remote_addr - $remote_user [$time_local]  "$uri" - "$request_uri" -"$request" -"$status"     "$http_referer" "$http_user_agent" '
	                 ' "$http_x_forwarded_for"  "$request_time" '
	                 '[$cookie_customerID_cookie_flag] [$args]'
	;	

127.0.0.1 - - [11/Jul/2016:17:11:56 +0800]  "/bbs/index.html" - "/bbs/" -"GET /bbs/ HTTP/1.1" -"200"     "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36"  "-"  "0.000" [-] [-]
127.0.0.1 - - [11/Jul/2016:17:11:57 +0800]  "/vender/AdminLTE/AdminLTE.min.css" - "/vender/AdminLTE/AdminLTE.min.css" -"GET /vender/AdminLTE/AdminLTE.min.css HTTP/1.1" -"200"     "http://localhost/bbs/" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36"  "-"  "0.000" [-] [-]
127.0.0.1 - - [11/Jul/2016:17:11:57 +0800]  "/vender/bootstrap_v3.3.5/css/bootstrap.min.css" - "/vender/bootstrap_v3.3.5/css/bootstrap.min.css" -"GET /vender/bootstrap_v3.3.5/css/bootstrap.min.css HTTP/1.1" -"200"     "http://localhost/bbs/" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36"  "-"  "0.000" [-] [-]

 

粘一个匹配过程:

        location / {
            root   D:/workspace/webapp;
            index  index.html index.htm;
        }

	location /api {
            proxy_pass   http://localhsot:9090/api;
        }

		location /topic/view {
            rewrite  /topic/view/(.*) /topic/#/$1 permanent;
        }		

		location ~ /topic/module/\d+ {
            if ($args ~ type=(\d+)){
			    #set $type $1;
                #rewrite  /topic/module/(\d+)  /hello/#/$1?cid=$type? permanent;
                rewrite  /topic/module/(\d+)  /hello/#/$1?cid=$arg_type? permanent;
            }
            rewrite  /topic/module/(\d+)  /hello/#/$1 permanent;
        }

2016/07/12 18:44:23 [debug] 3580#292: post event 0054E058

2016/07/12 18:44:23 [debug] 3580#292: delete posted event 0054E058
2016/07/12 18:44:23 [debug] 3580#292: accept on 0.0.0.0:80, ready: 0
2016/07/12 18:44:23 [debug] 3580#292: malloc: 00512E08:256
2016/07/12 18:44:23 [debug] 3580#292: *89 accept: 127.0.0.1:49491 fd:400
2016/07/12 18:44:23 [debug] 3580#292: *89 event timer add: 400: 60000:3736476011
2016/07/12 18:44:23 [debug] 3580#292: *89 reusable connection: 1
2016/07/12 18:44:23 [debug] 3580#292: *89 select add event fd:400 ev:0
2016/07/12 18:44:23 [debug] 3580#292: *89 post event 0054E0A8
2016/07/12 18:44:23 [debug] 3580#292: *89 delete posted event 0054E0A8
2016/07/12 18:44:23 [debug] 3580#292: *89 http wait request handler
2016/07/12 18:44:23 [debug] 3580#292: *89 malloc: 005211A0:1024
2016/07/12 18:44:23 [debug] 3580#292: *89 WSARecv: fd:400 rc:0 444 of 1024
2016/07/12 18:44:23 [debug] 3580#292: *89 reusable connection: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 malloc: 00518010:4096
2016/07/12 18:44:23 [debug] 3580#292: *89 http process request line
2016/07/12 18:44:23 [debug] 3580#292: *89 http request line: "GET /topic/module/7?channel=3 HTTP/1.1"
2016/07/12 18:44:23 [debug] 3580#292: *89 http uri: "/topic/module/7"
2016/07/12 18:44:23 [debug] 3580#292: *89 http args: "channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http exten: ""
2016/07/12 18:44:23 [debug] 3580#292: *89 http process request header line
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Host: localhost"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Connection: keep-alive"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Upgrade-Insecure-Requests: 1"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Accept-Encoding: gzip, deflate, sdch"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Accept-Language: zh-CN,zh;q=0.8"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header: "Cookie: JSESSIONID=608D2B53198A02DE2B977D976A6DE026"
2016/07/12 18:44:23 [debug] 3580#292: *89 http header done
2016/07/12 18:44:23 [debug] 3580#292: *89 event timer del: 400: 3736476011
2016/07/12 18:44:23 [debug] 3580#292: *89 generic phase: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 rewrite phase: 1
2016/07/12 18:44:23 [debug] 3580#292: *89 test location: "/"
2016/07/12 18:44:23 [debug] 3580#292: *89 test location: "api"
2016/07/12 18:44:23 [debug] 3580#292: *89 test location: "topic/view"
2016/07/12 18:44:23 [debug] 3580#292: *89 test location: ~ "/topic/module/\d+"
2016/07/12 18:44:23 [debug] 3580#292: *89 using configuration "/topic/module/\d+"
2016/07/12 18:44:23 [debug] 3580#292: *89 http cl:-1 max:1048576
2016/07/12 18:44:23 [debug] 3580#292: *89 rewrite phase: 3
2016/07/12 18:44:23 [debug] 3580#292: *89 http script var
2016/07/12 18:44:23 [debug] 3580#292: *89 http script var: "channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script regex: "channel=(\d+)"
2016/07/12 18:44:23 [notice] 3580#292: *89 "channel=(\d+)" matches "channel=3", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script if
2016/07/12 18:44:23 [debug] 3580#292: *89 http script regex: "/topic/module/(\d+)"
2016/07/12 18:44:23 [notice] 3580#292: *89 "/topic/module/(\d+)" matches "/topic/module/7", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script copy: "/bbs/#/"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script capture: "7"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script copy: "?cid="
2016/07/12 18:44:23 [debug] 3580#292: *89 http script var: "3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http script regex end
2016/07/12 18:44:23 [notice] 3580#292: *89 rewritten redirect: "/bbs/#/7?cid=3", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 18:44:23 [debug] 3580#292: *89 http finalize request: 301, "/topic/module/7?channel=3" a:1, c:1
2016/07/12 18:44:23 [debug] 3580#292: *89 http special response: 301, "/topic/module/7?channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http set discard body
2016/07/12 18:44:23 [debug] 3580#292: *89 HTTP/1.1 301 Moved Permanently
Server: nginx/1.10.1
Date: Tue, 12 Jul 2016 10:44:23 GMT
Content-Type: text/html
Content-Length: 185
Location: http://localhost/bbs/#/7?cid=3
Connection: keep-alive

2016/07/12 18:44:23 [debug] 3580#292: *89 write new buf t:1 f:0 0051896C, pos 0051896C, size: 205 file: 0, size: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 http write filter: l:0 f:0 s:205
2016/07/12 18:44:23 [debug] 3580#292: *89 http output filter "/topic/module/7?channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http copy filter: "/topic/module/7?channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http postpone filter "/topic/module/7?channel=3" 00518B04
2016/07/12 18:44:23 [debug] 3580#292: *89 write old buf t:1 f:0 0051896C, pos 0051896C, size: 205 file: 0, size: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 write new buf t:0 f:0 00000000, pos 00EC39D8, size: 132 file: 0, size: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 write new buf t:0 f:0 00000000, pos 00EC3780, size: 53 file: 0, size: 0
2016/07/12 18:44:23 [debug] 3580#292: *89 http write filter: l:1 f:0 s:390
2016/07/12 18:44:23 [debug] 3580#292: *89 http write filter limit 0
2016/07/12 18:44:23 [debug] 3580#292: *89 WSASend: fd:400, s:390
2016/07/12 18:44:23 [debug] 3580#292: *89 http write filter 00000000
2016/07/12 18:44:23 [debug] 3580#292: *89 http copy filter: 0 "/topic/module/7?channel=3"
2016/07/12 18:44:23 [debug] 3580#292: *89 http finalize request: 0, "/topic/module/7?channel=3" a:1, c:1
2016/07/12 18:44:23 [debug] 3580#292: *89 set http keepalive handler
2016/07/12 18:44:23 [debug] 3580#292: *89 http close request
2016/07/12 18:44:23 [debug] 3580#292: *89 http log handler
2016/07/12 18:44:23 [debug] 3580#292: *89 free: 00518010, unused: 1022
2016/07/12 18:44:23 [debug] 3580#292: *89 free: 005211A0
2016/07/12 18:44:23 [debug] 3580#292: *89 hc free: 00000000 0
2016/07/12 18:44:23 [debug] 3580#292: *89 hc busy: 00000000 0
2016/07/12 18:44:23 [debug] 3580#292: *89 tcp_nodelay

上面提到的问题解决了,原因是如下:

2016/07/12 20:13:28 [debug] 4044#3764: *15 http process request line
2016/07/12 20:13:28 [debug] 4044#3764: *15 http request line: "GET /topic/module/7?channel=3 HTTP/1.1"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http uri: "/topic/module/7"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http args: "channel=3"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http exten: ""
2016/07/12 20:13:28 [debug] 4044#3764: *15 http process request header line
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Host: localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Connection: keep-alive"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Upgrade-Insecure-Requests: 1"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Accept-Encoding: gzip, deflate, sdch"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header: "Accept-Language: zh-CN,zh;q=0.8"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http header done
2016/07/12 20:13:28 [debug] 4044#3764: *15 event timer del: 400: 3741821009
2016/07/12 20:13:28 [debug] 4044#3764: *15 generic phase: 0
2016/07/12 20:13:28 [debug] 4044#3764: *15 rewrite phase: 1
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "/"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "api"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "topic/view"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: ~ "/topic/module/\d+"
2016/07/12 20:13:28 [debug] 4044#3764: *15 using configuration "/topic/module/\d+"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http cl:-1 max:1048576
2016/07/12 20:13:28 [debug] 4044#3764: *15 rewrite phase: 3
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script var
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script var: "channel=3"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script regex: "channel=(\d+)"
2016/07/12 20:13:28 [notice] 4044#3764: *15 "channel=(\d+)" matches "channel=3", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script if
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script regex: "/topic/module/(\d+)"
2016/07/12 20:13:28 [notice] 4044#3764: *15 "/topic/module/(\d+)" matches "/topic/module/7", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script copy: "/bbs/#/"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script capture: "7"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script args
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script copy: "cid="
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script var: "3"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http script regex end
2016/07/12 20:13:28 [notice] 4044#3764: *15 rewritten data: "/bbs/#/7", args: "cid=3", client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 post rewrite phase: 4
2016/07/12 20:13:28 [debug] 4044#3764: *15 uri changes: 11
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "/"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "api"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: "topic/view"
2016/07/12 20:13:28 [debug] 4044#3764: *15 test location: ~ "/topic/module/\d+"
2016/07/12 20:13:28 [debug] 4044#3764: *15 using configuration "/"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http cl:-1 max:1048576
2016/07/12 20:13:28 [debug] 4044#3764: *15 rewrite phase: 3
2016/07/12 20:13:28 [debug] 4044#3764: *15 post rewrite phase: 4
2016/07/12 20:13:28 [debug] 4044#3764: *15 generic phase: 5
2016/07/12 20:13:28 [debug] 4044#3764: *15 generic phase: 6
2016/07/12 20:13:28 [debug] 4044#3764: *15 generic phase: 7
2016/07/12 20:13:28 [debug] 4044#3764: *15 access phase: 8
2016/07/12 20:13:28 [debug] 4044#3764: *15 access phase: 9
2016/07/12 20:13:28 [debug] 4044#3764: *15 access phase: 10
2016/07/12 20:13:28 [debug] 4044#3764: *15 post access phase: 11
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 12
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 13
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 14
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 15
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 16
2016/07/12 20:13:28 [debug] 4044#3764: *15 content phase: 17
2016/07/12 20:13:28 [debug] 4044#3764: *15 http filename: "D:/workspace/webapp/bbs/#/7"
2016/07/12 20:13:28 [debug] 4044#3764: *15 add cleanup: 00DF8948
2016/07/12 20:13:28 [error] 4044#3764: *15 CreateFile() "D:/workspace/webapp/bbs/#/7" failed (3: The system cannot find the path specified), client: 127.0.0.1, server: localhost, request: "GET /topic/module/7?channel=3 HTTP/1.1", host: "localhost"
2016/07/12 20:13:28 [debug] 4044#3764: *15 http finalize request: 404, "/bbs/#/7?cid=3" a:1, c:1
2016/07/12 20:13:28 [debug] 4044#3764: *15 http special response: 404, "/bbs/#/7?cid=3"
2016/07/12 20:13:28 [debug] 4044#3764: *15 internal redirect: "/404.html?"

报错:

2017/02/16 11:36:39 [emerg] 4008#0: bind() to 0.0.0.0:80 failed (13: Permission denied)
2017/02/16 11:36:57 [error] 4013#0: *2 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:36:58 [error] 4013#0: *2 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:37:02 [error] 4013#0: *2 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:40:16 [emerg] 4031#0: bind() to 0.0.0.0:80 failed (13: Permission denied)
2017/02/16 11:40:43 [error] 4037#0: *1 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:40:44 [error] 4037#0: *1 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:40:45 [error] 4037#0: *1 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"
2017/02/16 11:43:11 [error] 4037#0: *2 "/home/ec2-user/nginx/html/index.html" is forbidden (13: Permission denied), client: 196.1.1.200, server: localhost, request: "GET / HTTP/1.1", host: "196.1.1.100"

解决办法:

One permission requirement that is often overlooked is a user needs x permissions in every parent directory of a file to access that file. Check the permissions on /, /home, /home/demo, etc. for www-data x access. My guess is that /home is probably 770 and www-data can't chdir through it to get to any subdir. If it is, try chmod o+x /home (or whatever dir is denying the request).

EDIT: To easily display all the permissions on a path, you can use namei -om /path/to/check

Same here. On my install of CentOS 6, /home/user dirs are set to 700 by default.

 

http://stackoverflow.com/questions/6795350/nginx-403-forbidden-for-all-files

 

问题:
2017/10/27 17:16:17 [alert] 1347#0: *19916 socket() failed (24: Too many open files) while connecting to upstream, client: 120.132.18.132, server: _, request: "GET /admin/v1/evaluation/careers HTTP/1.1", upstream: "http://10.25.174.68:5000/admin/v1/evaluation/careers", host: "120.132.18.132", referrer: "http://1gepingguo.cn/swagger-ui.html"
2017/10/27 17:16:17 [crit] 1347#0: *19916 open() "/usr/share/nginx/html/50x.html" failed (24: Too many open files), client: 120.132.18.132, server: _, request: "GET /admin/v1/evaluation/careers HTTP/1.1", upstream: "http://10.25.174.68:5000/admin/v1/evaluation/careers", host: "120.132.18.132", referrer: "http://1gepingguo.cn/swagger-ui.html"
2017/10/27 17:21:30 [notice] 1373#0: signal process started
解决办法:

#nginx worker进程运行用户以及用户组
user  nobody nobody;

#nginx worker数量
worker_processes  4;

#全局错误日志文件,日志输出级别有debug、info、notice、warn、error、crit(类似于Python中的logging)
error_log  logs/error.log  notice;

#指定主进程id的存储文件位置
pid        logs/nginx.pid;

#指定一个nginx进程可以打开的最多文件描述符数目
worker_rlimit_nofile 65535; //增加此配置

#设定nginx的工作模式及连接数上限
events{
      use epoll; #linux 服务器的优点所在
      worker_connections      65536;#设定worker的最大连接数
}

http://inbank2012.blog.51cto.com/6302802/1097939
http://www.cnblogs.com/coder2012/p/4072387.html

 

 

时间: 2024-08-03 19:54:06

nginx专题的相关文章

Nginx负载均衡实战

Nginx是一款面向性能设计的HTTP服务器,相较于Apache.lighttpd具有占有内存少,稳定性高等优势.与旧版本(<=2.2)的Apache不同,nginx不采用每客户机一线程的设计模型,而是充分使用异步逻辑,削减了上下文调度开销,所以并发服务能力更强.整体采用模块化设计,有丰富的模块库和第三方模块库,配置灵活. 在Linux操作系统下,nginx使用epoll事件模型,得益于此,nginx在Linux操作系统下效率相当高.同时Nginx在OpenBSD或FreeBSD操作系统上采用类

Linux系统上配置Nginx+Ruby on Rails+MySQL超攻略_ruby专题

安装 RVM 通常使用 RVM 或 rbenv 来安装 Ruby,这里选用 RVM. $ curl -sSL https://get.rvm.io | bash -s stable 载入 RVM : $ source /home/libuchao/.rvm/scripts/rvm $ rvm -v rvm 1.25.12 (stable) by Wayne E. Seguin <wayneeseguin@gmail.com> ...... 再执行以下命令: $ type rvm rvm is

艰难完成 nginx + puma 部署 rails 4的详细记录_ruby专题

花了两周时间 Google 部署方法,找的的许多方法都没有用,最终被我用控制变量法,一条一条修改配置文件修改成功了. 首先是 /etc/nginx/vhosts/limlog.sloger.info.conf 和 config/puma.rb # # /etc/nginx/vhosts/limlog.sloger.info.conf # upstream limlog { server unix:///tmp/limlog.sock; } server { listen 80; server_n

Nginx错误日志与优化专题

一.Nginx配置和内核优化 实现突破十万并发 二.一次Nignx的502页面的错误记录 (1)错误页面显示   错误日志: 2017/07/17 17:32:57 [error] 29071#0: *96 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 101.226.125.118, server: live.baidu.com, reques

Ubuntu Linux专题

Ubuntu 14.04中用Chrome浏览网页内容显示正常但是Tab显示乱码 Ubuntu 14.04安装mysq时报错问题 Ubuntu 12.04 创建用户失败如何解决 ubuntu安装软件提示无法打开锁文件 /var/lib/dpkg/lock 解决Ubuntu或Fedora虚拟机重启网络时报错问题 如何在ubuntu下创建桌面快捷方式 在ubuntu主线版本下的/var/cache/apt/archives文件夹说明:系统 ubuntu系统播放视频时黑屏的问题 Ubuntu及VMwar

VPS频繁提示Nginx 502 Bad Gateway错误的解决办法

这是一篇非常有价值的文章,在我们的Linux生产环境实际使用过程中,Nginx也难免会出现这样或是那样的故障,而502 Bad Gateway也是最常见的故障之一,所以整理出Nginx 502 Bad Gateway的一些解决方案!现在Nginx在Webhttp://www.aliyun.com/zixun/aggregation/18665.html">应用领域也是越来越广泛,有很多大型的互联网公司,或是Web站点都将运行平台移植到Nginx中,而相对于Apache所占市场的比例,Ngi

Symfony2在Nginx下的配置方法图文教程_php实例

本文详细讲述了Symfony2在Nginx下的配置方法.分享给大家供大家参考,具体如下: 网上有很多关于symfony2在nginx下的配置文章,如果是小白,按照网上贴出来的配置文件配置,却怎么也不成功,我经过多次摸索,写下心得: 1. 首先开启Nginx的pathinfo 至于什么是pathinfo,可以参考文章<nginx下支持PATH_INFO的方法实例详解>,自行脑补.很多人按照教程配置的时候,会报500的错误,查报错日志也查不出来,八成就是没有开启pathinfo. 如果你的主机上安

Nginx安装,Nginx静态缓存,Nginx Gzip压缩,Nginx负载均衡,Nginx方向代理,Nginx+Tomcat+Redis做session共享

Nginx安装 nginx-1.10.1.tar.gz安装,参考http://blog.csdn.net/tototuzuoquan/article/details/47381907. 修改nginx.conf的配置文件 #user  nobody; worker_processes  8;   error_log  logs/error.log; error_log  logs/error.log  notice; error_log  logs/error.log  info;   #pid

CORS 专题

CORS(跨域资源共享,Cross-Origin Resource Sharing)CORS其实出现时间不短了,它在维基百科上的定义是:跨域资源共享(CORS )是一种网络浏览器的技术规范,它为Web服务器定义了一种方式,允许网页从不同的域访问其资源.而这种访问是被同源策略所禁止的.CORS系统定义了一种浏览器和服务器交互的方式来确定是否允许跨域请求. 它是一个妥协,有更大的灵活性,但比起简单地允许所有这些的要求来说更加安全. 比如,站点 http://domain-a.com 的某 HTML