NGINX做为WEB服务器,运行PHP开发的程序和页面:
server {
listen 80;
listen 443 ssl;
ssl_certificate /usr/local/nginx/conf/ssl/cc.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/cc.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_timeout 10m;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_buffer_size 1400;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
server_name www.cc.com;
log_format main escape=json '{ "@timestamp": "$time_iso8601", '
'"remote_addr": "$remote_addr",'
'"request_time": "$request_time",'
'"upstream_response_time": "$upstream_response_time",'
'"status": $status,'
'"x_forwarded": "$http_x_forwarded_for",'
'"http_referer": "$http_referer",'
'"request": "$request",'
'"upstream_addr": "$upstream_addr",'
'"body_bytes_sent":$body_bytes_sent,'
'"request_body":$request_body,'
'"http_user_agent": "$http_user_agent" }';
access_log /weblogs/cc.com_nginx.log combined;
index index.php;
include /usr/local/nginx/conf/rewrite/thinkphp.conf;
root /web/cc.com;
error_page 400 /errpage/400.html;
error_page 403 /errpage/403.html;
error_page 404 /errpage/404.html;
error_page 503 /errpage/503.html;
location / {
include /web/cc.com/.htaccess;
index index.php;
#如果文件不存在则尝试TP解析
}
location ~ .*.(wma|wmv|asf|mp3|mmf|zip|rar|jpg|gif|png|swf|flv|mp4)$ {
valid_referers none blocked *.cc.com new.cc.com;
if ($invalid_referer) {
return 403;
}
}
location ~ .+.php($|/) {
root //web/cc.com;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
#设置PATH_INFO,注意fastcgi_split_path_info已经自动改写了fastcgi_script_name变量,
#后面不需要再改写SCRIPT_FILENAME,SCRIPT_NAME环境变量,所以必须在加载fastcgi.conf之前设置
fastcgi_split_path_info ^(.+.php)(/.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
#加载Nginx默认服务器环境变量配置
include fastcgi.conf;
}
location ~ .*.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
expires 30d;
access_log off;
}
location ~ .*.(js|css)?$ {
expires 7d;
access_log off;
}
location ~ /.ht {
deny all;
}
}