一 、Acess 日志演示
1、实现代码
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status [$request_length:$bytes_sent] "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
......
server {
......
access_log logs/access.log main;
location / {
alias dlib/;
autoindex on;
set $limit_rate 1k;
}
2、查看日志
192.168.0.109 - - [01/Mar/2020:17:57:57 +0800] "GET /dlib.js HTTP/1.1" 304 [397:180] "http://192.168.0.123:8080/" "Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/82.0.4068.5 Safari/537.36" "-" 192.168.0.109 - - [01/Mar/2020:17:57:58 +0800] "GET /dlib.css HTTP/1.1" 304 [416:181] "http://192.168.0.123:8080/" "Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/82.0.4068.5 Safari/537.36" "-" 192.168.0.109 - - [01/Mar/2020:17:57:58 +0800] "GET /dlib-logo.png HTTP/1.1" 304 [442:181] "http://192.168.0.123:8080/" "Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/82.0.4068.5 Safari/537.36" "-" 192.168.0.1
二、用nginx搭建一个具备缓存功能的反向代理
1、nginx web 服务正常
1、nginx web配置如下:
[root@nginx conf]#
[root@nginx conf]# ifconfig eth0|awk 'NR==2 {print $2}'
192.168.118.155
cat nginx.conf
server {
listen 8080;
server_name www.luoahong.com;
#charset koi8-r;
access_log logs/access.log main;
location / {
alias dlib/;
autoindex on;
set $limit_rate 1k;
}
location /report.html {
alias /usr/local/nginx/html/report.html;
}
[root@nginx conf]# ../sbin/nginx
[root@nginx conf]# ps -ef|grep nginx
root 17093 1 0 Mar02 ? 00:00:00 nginx: master process ../sbin/nginx
nobody 17094 17093 0 Mar02 ? 00:00:00 nginx: worker process
2、反向代理OpenResty配置如下:
[root@luoahong conf]# ifconfig eth0|awk 'NR==2 {print $2}'
192.168.118.157
[root@luoahong conf]# cat nginx.conf
......
http {
include mime.types;
......
upstream test {
server 192.168.118.155:8080;
}
server {
listen 80;
server_name www.luoahong.com;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwared-For $proxy_add_x_forwarded_for;
proxy_cache my_cache;
proxy_cache_key $host$uri$is_args$args;
proxy_cache_valid 200 304 302 1d;
proxy_pass http://test;
}
location /lua {
default_type text/html;
content_by_lua 'ngx.say("User-Agent: ", ngx.req.get_headers()["User-Agent"])';
}
3、nginx web测试截图
4、反向代理测试截图
2、nginx web 服务异常
1、关闭nginx web服务
[root@nginx conf]# ../sbin/nginx -s stop [root@nginx conf]# ps -ef|grep nginx root 19104 9461 0 09:32 pts/0 00:00:00 grep --color=auto nginx
2、nginx web访问测试截图
3、服务依然正常访问
三、用 GoAccess 实现可视化并实时监控 access 日志
1、安装依赖包
yum install -y GeoIP-devel.x86_64 ncurses-devel
2、安装GeoIP
tar -xzvf GeoIP-1.6.11.tar.gz cd GeoIP-1.6.11 ./configure make && make install
3、安装go access
wget https://tar.goaccess.io/goaccess-1.3.tar.gz tar -xzvf goaccess-1.3.tar.gz cd goaccess-1.3/ ./configure --enable-utf8 --enable-geoip=legacy make && make install
4、配置nginx
location /report.html {
alias /usr/local/nginx/html/report.html;
}
5、运行
goaccess access.log -o /usr/local/nginx/html/report.html --real-time-html --time-format='%H:%M:%S' --date-format='%d/%b/%Y' --log-format=COMBINED
6、浏览器上查看
四、对称加密与非对称加密各自的应用场景
1、TLS/SSL发展
2、TLS 安全密码套件解读
五、对称加密与非对称加密各自的应用场景
1、对称加密
加密示例
2、非对称加密
3、PKI公钥基础设施
