LEMP構建高性能WEB服務器

時間 2020-02-08

原文原文鏈接

LEMP構建高性能WEB服務器

目錄javascript

前言：
1、系統安裝
1. 系統分區
2.系統初始化腳本(根據具體需求關閉不須要的服務)php

2、編譯安裝基本環境
1. 安裝準備
2. 編譯安裝軟件包css

3、編譯安裝PHP及Nginx
1.PHP(Fastcgi)編譯安裝
2.安裝Nginx

4、Nginx多虛擬主機配置及基本優化(以配置Discuz!論壇爲例)
1.配置Nginx虛擬主機(防盜鏈及expires設置)
2.Nginx搭建下載站點限制併發數和速率.
3.如何實現Nginx身份驗證
4.如何實現Nginx目錄列表
5.修改Nginx的header假裝服務器
6.減少nginx編譯後的文件大小
7.Nginx日誌處理html

5、基本安全設置策略
6、附錄及相關介紹java

前言：
本文基於step by step的結構向你們介紹Nginx構建高性能WEB的全過程.而且咱們在
生產服務器上運行一個月很是穩定，因此整理出來供你們分享。但願可以幫助
更多的初學者輕鬆構建高性能的WEB服務器。對文中提到的相關操做有任何問題均可以
到LinuxTone論壇去交流提問，咱們將第一時間爲你解答，同時把網友的建議加入，及
時更新相關內容.node

系統環境:
CentOS 5.1+nginx-0.6.31+php-5.2.6+memcache-2.2.3+xcache-1.2.2+mysql-5.0.51bmysql

1、系統安裝linux

1. 系統分區
/boot 100M左右
SWAP 物理內存的2倍(若是你的物理內存大於4G以上，分配4G便可)
/ 分區15~20G
/usr/local 20G (用於安裝軟件)
/data 剩餘全部空間
*具體分區請根據相關業務劃分，具體安裝本文不做介紹.nginx

2.系統初始化腳本(根據具體需求關閉不須要的服務)
#vi init.sh
#welcome cat << EOF +--------------------------------------------------------------+ | === Welcome to CentOS System init === | +--------------http://www.linuxtone.org------------------------+ +--------------------------------------------------------------+ EOFc++

#disable ipv6
cat << EOF
+--------------------------------------------------------------+
| === Welcome to Disable IPV6 === |
+--------------------------------------------------------------+
EOF
echo "alias net-pf-10 off" >> /etc/modprobe.conf
echo 「alias ipv6 off」 >> /etc/modprobe.conf
/sbin/chkconfig –level 35 ip6tables off
echo 「ipv6 is disabled!」

#disable selinux
sed -i ‘/SELINUX/s/enforcing/disabled/’ /etc/selinux/config
echo 「selinux is disabled,you must reboot!」

#vim
sed -i 「8 s/^/alias vi=’vim’/」 /root/.bashrc
echo ’syntax on’ > /root/.vimrc

#LANG=en
sed -i -e ’s/^LANG=.*/LANG=」en」/’ /etc/sysconfig/i18n

#tunoff services
#————————————————————–+
cat << EOF
+--------------------------------------------------------------+
| === Welcome to Tunoff services === |
+--------------------------------------------------------------+
EOF
#--------------------------------------------------------------+
for i in `ls /etc/rc3.d/S*`
do
CURSRV=`echo $i|cut -c 15-`

#sh init.sh (執行上面保存的腳本，仍後重啓)

2、編譯安裝基本環境

1. 安裝準備
1) 系統約定
軟件源代碼包存放位置 /usr/local/src
源碼包編譯安裝位置(prefix) /usr/local/software_name
腳本以及維護程序存放位置 /usr/local/sbin
MySQL 數據庫位置 /data/mysql/data（可按狀況設置）
網站根目錄 /data/www/wwwroot（可按狀況設置）
虛擬主機日誌根目錄 /data/logs（可按狀況設置）
Nginx運行帳戶 www:www
in_software_name.sh 存放編譯參數腳本習慣將全部編譯腳本存放在in_software_name.sh便於升級和更新軟件.

建立網站帳號及相關存放目錄
groupadd www -g 48 useradd -u 48 -g www www mkdir -p /data/www/wwwroot mkdir -p /data/logs chmod +w /data/www/wwwroot chown -R www:www /data/www/wwwroot
2) 系統環境部署及調整
檢查系統是否正常
# tail -n100 /var/log/messages （檢查有無系統級錯誤信息）
# dmesg （檢查硬件設備是否有錯誤信息）
# ifconfig（檢查網卡設置是否正確）
# ping www.linuxtone.org （檢查網絡是否正常）

3) 使用 yum 程序安裝所需開發包（如下爲標準的 RPM 包名稱）
添加國內鏡像源加速軟件安裝下載速度請參照:http://bbs.linuxtone.org/thread-158-1-1.html
yum -y install ntp vim-enhanced gcc gcc-c++ gcc-g77 flex bison autoconf automake bzip2-devel \ ncurses-devel libtool* zlib-devel libxml2-devel libjpeg-devel libpng-devel libtiff-devel \ fontconfig-devel freetype-devel libXpm-devel gettext-devel curl curl-devel pam-devel kernel
發包裝上。

4) 定時校訂服務器時鐘，定時與中國國家授時中心授時服務器同步
# crontab -e
加入一行：
15 3 * * * /usr/sbin/ntpdate 210.72.145.44 > /dev/null 2>&1

5) 下載編譯相關的源碼包.
#vi list 在list文件裏填入之後下載地址列表.
http://www.libgd.org/releases/gd-2.0.35.tar.bz2 http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.12.tar.gz http://jaist.dl.sourceforge.net/sourceforge/mcrypt/libmcrypt-2.5.8.tar.bz2 http://jaist.dl.sourceforge.net/sourceforge/mcrypt/mcrypt-2.6.7.tar.gz http://www.openssl.org/source/openssl-0.9.8h.tar.gz http://openbsd.md5.com.ar/pub/OpenBSD/OpenSSH/portable/openssh-5.0p1.tar.gz

ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-7.7.tar.gz
http://sysoev.ru/nginx/nginx-0.6.31.tar.gz

http://mysql.byungsoo.net/Downloads/MySQL-5.0/mysql-5.0.51b.tar.gz

http://cn2.php.net/get/php-5.2.6.tar.bz2/from/this/mirror
http://php-fpm.anight.org/downloads/head/php-5.2.6-fpm-0.5.8.diff.gz
http://pecl.php.net/get/memcache-2.2.3.tgz
http://xcache.lighttpd.net/pub/Releases/1.2.2/xcache-1.2.2.tar.gz
http://downloads.phpchina.com/zend/optimizer/3.3.3/ZendOptimizer-3.3.3-linux-glibc23-i386.tar.gz

#vi down.sh 建立下載腳本.

#!/bin/bash for i in `cat list` do wget -c $i done

#sh down.sh 執行下載腳本便可下載相關軟件包.

2. 編譯安裝軟件包
源碼編譯安裝所需包(Source)
1) 升級OpenSSL及OpenSSH
tar xvf openssl-0.9.8h.tar.gz cd openssl-0.9.8h #vi in_openssl.sh ./config --prefix=/usr/local/openssl make make test make install # sh in_openssl.sh

#tar xvf openssh-5.0p1.tar.gz
#cd openssh-5.0p1
# vi in_openssh.sh
./configure \
"--prefix=/usr" \
"--with-pam" \
"--with-zlib" \
"--sysconfdir=/etc/ssh" \
"--with-ssl-dir=/usr/local/openssl" \
"--with-md5-passwords"
make
make install
# sh in_openssh.sh

禁用 SSH V1 協議:找到#Protocol 2,1改成：Protocol 2

禁用服務器端GSSAPI找到如下兩行，並將它們註釋：
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes

禁用 DNS 名稱解析
找到：#UseDNS yeas改成：UseDNS no

禁用客戶端 GSSAPI
# vi /etc/ssh/ssh_config 找到：GSSAPIAuthentication yes 將這行註釋掉。
最後，確認修改正確後從新啓動 SSH 服務
#init_ssh.sh
ssh_cf=」/etc/ssh/sshd_config」
sed -i -e ‘74 s/^/#/’ -i -e ‘76 s/^/#/’ $ssh_cf
sed -i 「s/#UseDNS yes/UseDNS no/」 $ssh_cf
#client
sed -i -e ‘44 s/^/#/’ -i -e ‘48 s/^/#/’ $ssh_cf
echo 「ssh is init is ok…………..」
# service sshd restart
# ssh -v 確認 OpenSSH 以及 OpenSSL 版本正確。

以上SSH配置可利用如下腳本自動修改:
#vi init_ssh.sh

#init_ssh.sh ssh_cf="/etc/ssh/sshd_config" sed -i -e '74 s/^/#/' -i -e '76 s/^/#/' $ssh_cf sed -i "s/#UseDNS yes/UseDNS no/" $ssh_cf #client sed -i -e '44 s/^/#/' -i -e '48 s/^/#/' $ssh_cf echo "ssh is init is ok.............."

#sh init_ssh.sh

[root@servers src]# /etc/init.d/sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
[root@servers src]# ssh -v
OpenSSH_5.0p1, OpenSSL 0.9.8h 28 May 2008

2) GD2
# cd /usr/local/src
# tar xvf gd-2.0.35.tar.gz
# cd gd-2.0.35
# vi in_gd2.sh

aclocal ./configure --prefix=/usr/local/gd2 make && make install # sh in_gd2.sh

3) tar xvf libmcrypt-2.5.8.tar.bz2
cd libmcrypt-2.5.8

#vi in_libmcrypt.sh ./configure --prefix=/usr/local/libmcrypt && make && make install #sh in.sh
4) #tar xvf libiconv-1.12.tar.gz
#cd libiconv-1.12
#vi in_iconv.sh

./configure --prefix=/usr && make && make install

#sh in_iconv.sh
5) 編譯安裝MySQL

# tar xvf mysql-5.0.51b.tar.gz
# cd mysql-5.0.51b
# vi in_mysql.sh
CFLAGS="-O3" CXX=gcc CXXFLAGS="-O3 -felide-constructors \ -fno-exceptions -fno-rtti -fomit-frame-pointer -ffixed-ebp" ./configure \ "--prefix=/usr/local/mysql" \ "--localstatedir=/data/mysql/data" \ "--with-comment=Source" \ "--with-server-suffix=-LinuxTone.Org" \ "--with-mysqld-user=mysql" \ "--without-debug" \ "--with-big-tables" \ "--with-charset=gbk" \ "--with-collation=gbk_chinese_ci" \ "--with-extra-charsets=all" \ "--with-pthread" \ "--enable-static" \ "--enable-thread-safe-client" \ "--with-client-ldflags=-all-static" \ "--with-mysqld-ldflags=-all-static" \ "--enable-assembler" \ "--without-isam" \ "--without-innodb" \ "--without-ndb-debug" make && make install useradd mysql -d /data/mysql -s /sbin/nologin /usr/local/mysql/bin/mysql_install_db --user=mysql cd /usr/local/mysql chown -R root:mysql . chown -R mysql /data/mysql/data cp share/mysql/my-huge.cnf /etc/my.cnf cp share/mysql/mysql.server /etc/rc.d/init.d/mysqld chmod 755 /etc/rc.d/init.d/mysqld chkconfig --add mysqld /etc/rc.d/init.d/mysqld start

cd /usr/local/mysql/bin
for i in *; do ln -s /usr/local/mysql/bin/$i /usr/bin/$i; done

#sh in_mysql.sh

3、編譯安裝PHP及Nginx

1.PHP(Fastcgi)編譯安裝

1)php-fpm 給PHP(Fastcgi)打補丁
#tar xvf php-5.2.6.tar.bz2
#gzip -cd php-5.2.6-fpm-0.5.8.diff.gz | patch -d php-5.2.6 -p1

2)PHP(Fastcgi)安裝.
#cd php-5.2.6
#vi in_php5.sh

./configure \ "--prefix=/usr/local/php-fcgi" \ "--enable-fastcgi" \ "--enable-fpm" \ "--enable-discard-path" \ "--enable-force-cgi-redirect" \ "--with-config-file-path=/usr/local/php-fcgi/etc" \ "--enable-zend-multibyte" \ "--with-mysql=/usr/local/mysql" \ "--with-libxml-dir" \ "--with-iconv-dir=/usr/lib" \ "--with-xmlrpc" \ "--with-gd=/usr/local/gd2" \ "--with-jpeg-dir" \ "--with-png-dir" \ "--with-bz2" \ "--with-freetype-dir" \ "--with-zlib-dir " \ "--with-openssl=/usr/local/openssl" \ "--with-mcrypt=/usr/local/libmcrypt" \ "--enable-sysvsem" \ "--enable-inline-optimization" \ "--enable-soap" \ "--enable-gd-native-ttf" \ "--enable-ftp" \ "--enable-mbstring" \ "--enable-exif" \ "--disable-debug" \ "--disable-ipv6" make && make install cp php.ini-dist /usr/local/php-fcgi/etc/php.ini

#sh in_php5.sh

4)安裝Xcache
tar xvf xcache-1.2.2.tar.gz
cd xcache-1.2.2
#vi in_xcache.sh
/usr/local/php-fcgi/bin/phpize ./configure --enable-xcache --enable-xcache-coverager --with-php-config=/usr/local/php-

fcgi/bin/php-config \
--enable-inline-optimization --disable-debug
make && make install
#sh in_xcache.sh

#vi /usr/local/php-fcgi/etc/php.ini #編輯php.ini在其內容最後加入以下內容:

[xcache-common] zend_extension = /usr/local/php-fcgi/lib/php/extensions/no-debug-non-zts-20060613/xcache.so

[xcache.admin]
xcache.admin.user = 「admin」
;如何生成md5密碼: echo -n 「password」| md5sum
xcache.admin.pass = 「035d849226a8a10be1a5e0fec1f0f3ce」 #密碼爲52netseek

[xcache]
; Change xcache.size to tune the size of the opcode cache
xcache.size = 24M
xcache.shm_scheme = 「mmap」
xcache.count = 4
xcache.slots = 8K
xcache.ttl = 0
xcache.gc_interval = 0

; Change xcache.var_size to adjust the size of variable cache
xcache.var_size = 8M
xcache.var_count = 1
xcache.var_slots = 8K
xcache.var_ttl = 0
xcache.var_maxttl = 0
xcache.var_gc_interval = 300
xcache.test = Off
xcache.readonly_protection = On
xcache.mmap_path = 「/dev/zero」
xcache.coredump_directory = 「」
xcache.cacher = On
xcache.stat = On
xcache.optimizer = Off

[xcache.coverager]
xcache.coverager = On
xcache.coveragedump_directory = 「」

4)安裝Memcache
cd memcache-2.2.3
#vi in_memcache.sh

/usr/local/php-fcgi/bin/phpize ./configure --with-php-config=/usr/local/php-fcgi/bin/php-config make && make install

#sh in_memcache.sh

5) PHP初始化腳本
# cat init_fcgi.sh

#!/bin/bash #php-fastcgi.php fcgi_cf="/usr/local/php-fcgi/etc/php.ini" sed -i '205 s#;open_basedir =#open_basedir = /data/www/wwwroot:/tmp#g' $fcgi_cf sed -i '210 s#disable_functions =#disable_functions =

phpinfo,passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_

alter,ini_alter,ini_restore,

dl,pfsockopen,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server#g' $fcgi_cf
sed -i '/expose_php/s/On/Off/' $fcgi_cf
sed -i '/display_errors/s/On/Off/' $fcgi_cf
sed -i 's#extension_dir = "./"#extension_dir = "/usr/local/php-fcgi/lib/php/extensions/no-debug-

non-zts-20060613/"\nextension

= "memcache.so"\n#' $fcgi_cf

6)ZendOptimizer-3.3.3-linux-glibc23-i386 (解壓後進入目錄./install，安提示選擇相關的目錄及

配置文件存放目錄便可)

2.安裝Nginx
1)Nginx編譯安裝

cd nginx-0.6.31
#vi in_nginx.sh

./configure --user=www --group=www --prefix=/usr/local/nginx/ --with-http_stub_status_module --

with-

openssl=/usr/local/openssl
make && make install

sh in_nginx.sh

2)初始化Nginx相關配置
#mkdir /usr/local/nginx/conf/vhosts 建立存放虛擬主機配置文件目錄
#cd /usr/local/nginx/conf
#mv nginx.conf nginx.conf_back 將原配置文件備份供之後參考.
#vi nginx.conf 從新建立nginx主配置文件

user www www;

worker_processes 8;

events
{
use epoll;

#maxclient = worker_processes * worker_connections / cpu_number
worker_connections 51200;
}

http
{
include mime.types;
default_type application/octet-stream;
charset gb2312;
server_names_hash_bucket_size 128;

log_format main ‘$remote_addr - $remote_user [$time_local] $request ‘
‘」$status」 $body_bytes_sent 「$http_referer」 ‘
‘」$http_user_agent」「$http_x_forwarded_for」‘;

#access_log /data/www/logs/access.log main;
access_log /dev/null;

sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;

fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 128k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
fastcgi_intercept_errors on;

gzip on;
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/html application/xml;

#
client_max_body_size 10m;
client_body_buffer_size 256k;
#
#proxy_temp_path /dev/shm/proxy_temp;
fastcgi_temp_path /dev/shm/fastcgi_temp;
client_body_temp_path /dev/shm/client_body_temp;

# The following includes are specified for virtual hosts
include vhosts/bbs.linxutone.org.conf;
include vhosts/down.redocn.com.conf;
include vhosts/count.linuxtone.org.conf;
}

fastcgi_pass 127.0.0.1:8085; fastcgi_index index.php;

fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;

fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;

fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
#fastcgi_param REDIRECT_STATUS 200;

#vi /enable_php5.conf Nginx支持PHP配置文件.

3)配置修改php-fpm腳本
配置php-fpm腳本:
cd /usr/local/php-fcgi/etc/
vi php-fpm.conf 修改以下內容:(進入vi編輯器，輸入:set nu 顯示行號.)
[code]
41 127.0.0.1:8085
62 Unix user of processes
63 www
65 Unix group of processes
66 www
79 128
80
81 Settings group for ‘apache-like’ pm style
82
83
84 Sets the number of server processes created on

startup.
85 Used only when ‘apache-like’ pm_style is selected
86 20
87
88 Sets the desired minimum number of idle server

processes.
89 Used only when ‘apache-like’ pm_style is selected

90 5
91
92 Sets the desired maximum number of idle server

processes.
93 Used only when ‘apache-like’ pm_style is selected
94 250
104 Set open file desc rlimit
105 51200
106
107 Set max core size rlimit
108 0
109
110 Chroot to this directory at the start
111
112
113 Chdir to this directory at the start
114
115
116 Redirect workers’ stdout and stderr into main error log.
117 If not set, they will be redirected to /dev/null, according to

FastCGI specs
118 yes
119
120 How much requests each process should execute before respawn.
121 Useful to work around memory leaks in 3rd party libraries.
122 For endless request processing please specify 0
123 Equivalent to PHP_FCGI_MAX_REQUESTS
124 51200
[code]

4) Nginx+PHP(fastcgi)啓動腳本參考:http://bbs.linuxtone.org/thread-372-1-2.html

4、Nginx多虛擬主機配置及基本優化(以配置Discuz!論壇爲例)

1.配置Nginx虛擬主機(防盜鏈及expires設置)
#vi /usr/local/nginx/conf/vhosts/bbs.linuxtone.org.conf

server { listen 80; server_name bbs.linuxtone.org www.linuxtone.org; index index.html index.php index.htm; root /data/www/wwwroot/lt/bbs; #access_log /var/log/nginx/access_bbs.redocn.com.log combined; location / { if (!-e $request_filename) { rewrite ^/archiver/((fid|tid)-[\w\-]+\.html)$ /archiver/index.php?$1

last;
rewrite ^/forum-([0-9]+)-([0-9]+)\.html$ /forumdisplay.php?

fid=$1&page=$2 last;
rewrite ^/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ /viewthread.php?

tid=$1&extra=page%3D$3&page=$2

last;
rewrite ^/space-(username|uid)-(.+)\.html$ /space.php?$1=$2 last;
rewrite ^/tag-(.+)\.html$ /tag.php?name=$1 last;
break;
}

}

#Preventing hot linking of p_w_picpaths and other file types
location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip)$ {
valid_referers none blocked server_names *.linuxtone.org http://localhost;
if ($invalid_referer) {
rewrite ^/ http://bbs.linuxtone.org/p_w_picpaths/default/logo.gif;
return 403;
}
}
# Add expires header for static content
location ~* \.(js|css|jpg|jpeg|gif|png|swf)$ {
if (-f $request_filename) {
root /data/www/wwwroot/lt/bbs;
expires 1d;
break;
}

}
#support php
location ~ .*\.php?$
{
include enable_php5.conf;
}

}

vi /usr/local/nginx/conf/vhosts/down.redocn.com.conf limit_zone one $binary_remote_addr 10m; server { listen 80; server_name down.redocn.com; index index.html index.htm index.php; root /data/www/wwwroot/down; error_page 404 /index.php; # redirect server error pages to the static page /50x.html error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } #Zone limit location / { limit_conn one 1; limit_rate 20k; }

# serve static files
location ~ ^/(p_w_picpaths|javascript|js|css|flash|media|static)/ {
root /data/www/wwwroot/down;
expires 30d;
}
}

2.Nginx搭建下載站點限制併發數和速率.

3.如何實現Nginx身份驗證
實現輸入http://count.linuxtone.org/tongji 要求輸入用戶名和密碼驗證纔可查看內內。配置方

法以下：
建立統計配置文件:

mkdir /usr/local/nginx/conf/htpasswd #建立存放密碼的目錄 /usr/local/apache2/bin/htpasswd -c /usr/local/nginx/conf/htpasswd/tongji admin

server
{
listen 80;
server_name count.linuxtone.org 211.100.72.138;
index index.html index.php;
root /data/www/wwwroot/count;
access_log /data/logs/access_count.linuxtone.org.log combined;
#error page
error_page 404 http://www.linuxtone.org/error.html;
error_page 500 502 503 504 http://www.linuxtone.org;
#support php
location ~ .*\.php?$
{
include enable_php5.conf;
}

#expires static files
location ~* \.(js|css|jpg|jpeg|gif|png)$ {
if (-f $request_filename) {
access_log off;
expires 1d;
break;
}
}
location ~ ^/(tongji)/ {
root /data/www/wwwroot/count;
auth_basic "LT-COUNT-TongJi";
auth_basic_user_file /usr/local/nginx/conf/htpasswd/tongji;
}

}
4.如何實現Nginx目錄列表
在相關虛擬主機配置文件加入以下設置便可，更多請參考官方wiki

location / { autoindex on; }

5.修改Nginx的header假裝服務器

cd nginx-0.6.31/src/core #define NGINX_VERSION "1.2" #define NGINX_VER "LTWS/" NGINX_VERSION

仍後從新編譯nginx便可，查看一下效果:

[root@count ~]# curl -I http://bbs.linuxtone.org

HTTP/1.1 200 OK Server: LTWS/1.2 Date: Mon, 23 Jun 2008 06:11:17 GMT Content-Type: text/html; charset=gb2312 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: lt__sid=cJN2FT; expires=Mon, 30-Jun-2008 06:11:17 GMT; path=/ Set-Cookie: lt__onlineusernum=228; expires=Mon, 23-Jun-2008 06:16:17 GMT; path=/

6.減少nginx編譯後的文件大小 (Reduce file size of nginx)
默認的nginx編譯選項裏竟然是用debug模式(-g)的（debug模式會插入不少跟蹤和ASSERT之類），編譯之後一個

nginx有好幾兆。
去掉nginx的debug模式編譯，編譯之後只有480K(nginx-0.6.31 , gcc4)。
[root@ssatt local]# du -sh nginx
480K nginx
在auto/cc/gcc，最後幾行有：

# debug CFLAGS="$CFLAGS -g"

註釋掉或刪掉這幾行，從新編譯便可

7.Nginx日誌處理
[root@count ~]# crontab -l

59 23 * * * /usr/local/sbin/logcron.sh /dev/null 2>&1

[root@count ~]# cat /usr/local/sbin/logcron.sh

#!/bin/bash log_dir="/data/logs" time=`date +%Y%m%d` /bin/mv ${log_dir}/access_linuxtone.org.log ${log_dir}/access_count.linuxtone.org.$time.log kill -USR1 `cat /var/run/nginx.pid`