POST_READ
SERVER_REWRITE
FIND_CONFIG
REWIRTE
POST_REWIRITE
PRE_ACCESS
ACCESS
POST_ACCESS
PRECONTENT
CONTENT
LOG
POST_READ
readip x_forward_for module
当 remote_addr ip为以下网段时进行 realip设置
set_real_ip_from 192.168.1.0/24; set_real_ip_from 192.168.2.1; set_real_ip_from 2001:0db8::/32;
real_ip_header X-Forwarded-For; real_ip_recursive on;
[root@node3 nginx]# curl 192.168.122.13 -H 'X-Forwarded-For: 101.10.10.10,192.168.122.13' -H 'Host: zz.com.cn' real ip is 101.10.10.10 [root@node3 nginx]# !cat cat vhost/realip.conf server { listen 80; server_name zz.com.cn; set_real_ip_from 192.168.122.13; real_ip_header X-Forwarded-For; real_ip_recursive on; location / { return 200 "real ip is $remote_addr "; } } [root@node3 nginx]# curl 192.168.122.13 -H 'X-Forwarded-For: 101.10.10.10,192.168.122.13' -H 'Host: zz.com.cn' real ip is 101.10.10.10
server_rewrite
return
error_page
rewrite
[root@node3 vhost]# ls realip.conf server_rewrite.conf [root@node3 vhost]# cat server_rewrite.conf server { listen 80; server_name rewrite.com.cn; return 403 'server return '; server阶段的 rewrite location / { return 403 " location return "; } }
rewrite_log on | off
打开 rewrite 日志进行重定向分析
find_config
location匹配流程忽略
ACCESS
allow deny
basic auth
auth_request
三个模块可以进行认证动作
location / { satisfy any; allow 192.168.1.0/32; deny all; auth_basic "closed site"; auth_basic_user_file conf/htpasswd; }
PRECONTENT
try_files
mirror 镜像流量
ACCESS
Context: http, server, location, if in location
root
Context: location
alais
case:
[root@node3 vhost]# cat content.conf server { listen 80; server_name content.com.cn; location /root { root html; } location /alias { alias html; } location ~ /root/(w+.txt) { root html/first/$1; } location ~ /alias/(w+.txt) { alias html/first/$1; }
##################################################################################
[root@node3 html]# pwd
/usr/share/nginx/html
[root@node3 html]# tree first/
first/
└── 1.txt
0 directories, 1 file