Nginx服务之配置文件
纸上得来终觉浅,绝知此事要躬行。
1. 基本特性
Nginx 是一个优秀的 Web、代理、缓存服务器。
基本特性
- 低内存消耗
- 模块化设计,支持模块的动态装卸载(DSO机制)
- 高可靠性,使用master/worker工作模式
- 支持热部署,不停机更新配置文件和程序版本等
- 支持事件驱动、AIO、mmap等机制
基本功能
- 静态资源的Web服务器,能缓存打开的文件描述符
- 支持http、smtp、pop3协议的反向代理、缓存、负载均衡
- 支持FastCGI(fpm)、uWSGI(Python)等
- 模块化、过滤器zip、SSI及图像大小调整等
- 支持SSL安全协议
扩展功能
- 基于名称和IP的虚拟主机
- 支持平滑升级
- 支持路径别名
- 支持URL重写(rewrite)
- 支持keepalive高可用
- 支持基于 IP 及用户的访问控制
- 支持速率限制,支持并发数限制
- 定制访问日志 ,支持使用日志缓冲区提高日志存储性能
基本架构
- 一个master进程,生成一个或多个worker
- 基于事件驱动机制,如epoll、kqueue等
- 支持sendfile、sendfile64的响应机制
- 支持异步IO模型(AIO)
- 支持内存映射机制(mmap)
- 并发收到TCP的套接字限制,最多5万左右,代理的时候更少
防护墙
- 四层防护墙:只针对于流量、IP做过滤
- 七层防火墙:防止爬虫、XSS攻击、请求过滤
2. 安装方法
通过命令行工具安装 Nginx 工具
- (1) 编译环境准备
[[email protected]~]# yum install -y gcc [[email protected]~]# yum install -y make [[email protected]~]# yum groupinstall -y "Development tools" [[email protected]~]# yum install -y pcre-devel [[email protected]~]# yum install -y openssl-develzlib-devel [[email protected]~]# useradd -g nginx -r nginx
- (2) 解压安装
[[email protected]~]# tar xf nginx-1.8.0.tar.gz [[email protected]]# ./configure --prefix=/usr/local/nginx --conf-path=/etc/nginx/nginx.conf --user=nginx --group=nginx --error-log-path=/data/log/nginx/error.log --http-log-path=/data/log/nginx/access.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock --with-http_ssl_module --with-http_stub_status_module --with-http_gzip_static_module --with-debug [[email protected]]# make && make install
# 生成环境编译配置 # 为了方便程序迁移可以将配置文件指定到安装目录下或对/etc做定期备份 [[email protected]~]# mkdir -pv /var/tmp/nginx/{client,proxy,fastcgi} [[email protected]]# ./configure --prefix=/usr/local/nginx --conf-path=/etc/nginx/nginx.conf --user=nginx --group=nginx --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock --with-http_ssl_module --with-http_stub_status_module --with-http_gzip_static_module --with-http_flv_module --with-http_mp4_module --http-client-body-temp-path=/var/tmp/nginx/client --http-proxy-temp-path=/var/tmp/nginx/proxy --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi [[email protected]]# make && make install
- (3) 启动服务并检测端口是否启用
[[email protected]~]# /usr/local/nginx/sbin/nginx [[email protected]~]# ss -tnl
3. 模块介绍
Nginx是由内核和模块组成的,内核的设计非常微小和简洁,完成非常简单的工作。仅通过查找配置文件将客户端请求映射到一个location block中,而这个location中所配置的每个指令将会启动不同的模块去完成相应的工作。
Nginx的模块直接被编译进Nginx,因此属于静态编译的方式。启动Nginx后,Nginx的模块被自动加载,不像在Apache一样。首先将模块编译为一个个的so文件,然后在配置文件中指定是否进行加载。在解析配置文件时,Nginx的每一个模块都有可能去处理某个请求,但是同一个处理请求只能由一个模块来完成。
模块分类(层次)
- 核心模块:http模块、event模块、mail模块
- 基础模块:access模块、FastCGI模块、proxy模块、rewrite模块
- 第三方模块:upstream模块、request hash模块、notice模块
模块分类(功能)
- 处理器模块(Handlers):可以直接处理请求并进行内容输出和修改报文信息
- 过滤器模块(Filters):主要对其他处理器模块输出的内容进行修改,最后输出
- 代理类模块(Proxies):主要与后端服务器的交互等操作,如负载均衡和代理
请求处理过程
基本的 Web 服务器请求步骤
第三方模块
- 下面列出的NGINX和NGINX+第三方模块,创建并维护都是NGINX的社区成员,参见官方链接。
| 模块 | 模块功能表述 | 仓库地址 |
|---|---|---|
| Accept Language Module | Accept-Language header parser | giom/nginx_accept_language_module |
| AFCGI | Asynchronous/multiplexing FastCGI for NGINX | rsms/afcgi |
| Akamai G2O | Restricts access to content to Akamai edge servers using G2O headers | kaltura/nginx_mod_akamai_g2o |
| Array Var | Add support for array variables to NGINX config files | openresty/array-var-nginx-module |
| Audio Track for HTTP Live Streaming | Generate audio track for HTTP Live Streaming (HLS) streams on the fly | flavioribeiro/nginx-audio-track-for-hls-module |
| HTTP Digest Authentication | HTTP Digest Authentication | atomx/nginx-http-auth-digest |
| PAM Authentication | HTTP Basic Authentication using PAM | sto/ngx_http_auth_pam_module |
| Request Authentication | Allows authorization based on subrequest result | ngx_http_auth_request_module |
| Auto Lib | Reuse pre-compiled/installed versions of OpenSSL, PCRE and Zlib | simpl/ngx_auto_lib |
| AWS Auth | Generate security headers for GET requests to Amazon S3 | anomalizer/ngx_aws_auth |
| Backtrace | A NGINX module to dump backtrace case a worker process exits abnormally | alibaba/nginx-backtrace |
| Brotli | Serves dynamically or statically compressed responses with brotli | google/ngx_brotli |
| Cache Purge | Adds ability to purge content from FastCGI, proxy, and uWSGI caches | FRiCKLE/ngx_cache_purge |
| Circle Gif | Generates simple circle images with colors/size specified in the URL | evanmiller/nginx_circle_gif |
| Clojure | A module for embedding Clojure, Java, and Groovy programs | nginx-clojure/nginx-clojure |
| Concat | Concatenates files in a given context | alibaba/nginx-http-concat |
| Upstream Consistent Hash | Select backend based on Consistent hash ring | replay/ngx_http_consistent_hash |
| Development Kit | An extension to the core functionality of NGINX | simpl/ngx_devel_kit |
| Upstream Domain Resolve | An asynchronous domain name resolve module for NGINX upstream | wdaike/ngx_upstream_jdomain/ |
| HTTP Drizzle | Make NGINX talk directly to MySQL or Drizzle database servers | openresty/drizzle-nginx-module |
| Dynamic etags | NGINX module for etags on dynamic content | kali/nginx-dynamic-etags |
| Dynamic Upstream | Update upstreams’ config by restful interface | yzprofile/ngx_http_dyups_module |
| HTTP Echo | Provides familiar shell-style commands to NGINX HTTP servers | openresty/echo-nginx-module |
| Stream Echo | Provides familiar shell-style commands to NGINX stream servers | openresty/stream-echo-nginx-module |
| Encrypted Session | Encrypt NGINX variables for light-weight session-based authentication | openresty/encrypted-session-nginx-module |
| Enhanced Memcached | Repackaging of the standard memcached module to add features | bpaquet/ngx_http_enhanced_memcached_module |
| Eval | A module for evaluating memcached or proxy response into variable | vkholodkov/nginx-eval-module |
| Eval (OpenResty’s fork) | Captures arbitrary subrequests’ responses into custom NGINX variables | openresty/nginx-eval-module |
| Execute | Commands remotely and return results | limithit/NginxExecute |
| EY Balancer | Provides a request queue for limiting concurrent requests | ezmobius/nginx-ey-balancer |
| Upstream Fair Balancer | Distributes incoming requests to least-busy servers | gnosek/nginx-upstream-fair |
| Fancy Index | Like the built-in autoindex module, but fancier | aperezdc/ngx-fancyindex |
| Foot Filter | Implements a body filter that adds a given string to the page footer | alibaba/nginx-http-footer-filter |
| FastCGI Functional Handler | c/c++ service function handler which built for NGINX fastcgi | Taymindis/fcgi-function |
| Footer If Filter | Applies a footer if a response meets a specified condition | flygoast/ngx_http_footer_if_filter/ |
| Form Input | Parses HTTP POST request bodies and saves results to NGINX variables | calio/form-input-nginx-module |
| GeoIP2 | City and country code lookups via the MaxMind GeoIP2 API | leev/ngx_http_geoip2_module |
| GridFS | NGINX module for serving files from MongoDB’s GridFS | mdirolf/nginx-gridfs |
| Groovy | A module for embedding Clojure, Java, and Groovy programs | nginx-clojure/nginx-clojure |
| Headers More | Set and clear input and output headers… more than “add”! | openresty/headers-more-nginx-module |
| HTTP Healthcheck | Health check HTTP servers inside an upstream | cep21/healthcheck_nginx_upstreams |
| HTTP Accounting | Realtime netflow and status code monitoring | Lax/ngx_http_accounting_module |
| HTTP Iconv | Converts character encodings | calio/iconv-nginx-module |
| Internal Redirect | A NGINX module for internal redirection | flygoast/ngx_http_internal_redirect/ |
| IP2Location | Identifies the country name/code of an IP address | chrislim2888/ip2location-nginx |
| Java | A module for embedding Clojure, Java, and Groovy programs | nginx-clojure/nginx-clojure |
| JavaScript | Embedding SpiderMonkey, a full port of Perl module, and more | peter-leonov/ngx_http_js_module#readme |
| Upstream Ketama CHash | Provides upstream load distribution by hashing a configurable variable | flygoast/ngx_http_upstream_ketama_chash/releases/ |
| LDAP Auth | LDAP module which supports authentication against multiple LDAP servers | kvspb/nginx-auth-ldap |
| Limit Upload Rate | Limit the transmission rate of request body from a client | cfsego/limit_upload_rate |
| Limit Upstream Connection | Limits the maximum connections to each server in a upstream | cfsego/nginx-limit-upstream/ |
| Log If | Log the requests only when given conditions are met | cfsego/ngx_log_if/ |
| Log ZMQ | Log the requests via ZeroMQ | alticelabs/nginx-log-zmq |
| Lower Upper Case | Provides upper/lowercase string functions in NGINX config files | replay/ngx_http_lower_upper_case |
| HTTP Lua | Embed the power of Lua into NGINX HTTP servers (OpenResty Official) | openresty/lua-nginx-module |
| Stream Lua | Embed the power of Lua into NGINX TCP servers (OpenResty Official) | openresty/stream-lua-nginx-module |
| Luafile | Embed the power of Lua into NGINX | alacner/nginx_lua_module |
| HTTP Lua Upstream | Make Nginx http upstream configurations scriptable by Lua | openresty/lua-upstream-nginx-module |
| MD5 Filter | Returns the MD5 sum of content that would’ve otherwise been served | kainswor/nginx_md5_filter |
| HTTP Memc | Extension of the standard memcached module | openresty/memc-nginx-module |
| ModSecurity | Web application firewall | spiderlabs/modsecurity/ |
| Mogilefs | Implements a MogileFS client | Download |
| Mongo | Upstream module for direct communication with MongoDB | simpl/ngx_mongo |
| MP4 Streaming Lite | Seeks time within H.264/MP4 files if a “start” parameter is in the URL | Download |
| mruby | Embedded mruby script language for nginx-module | matsumotory/ngx_mruby |
| Nchan | Pubsub server for Websockets, Long-Poll, EventSource etc. | slact/nchan |
| Naxsi | Web Application Firewall for NGINX | nbs-system/naxsi |
| nginx-ip-blocker | An efficient shared memory IP blocking system for nginx. | tmthrgd/nginx-ip-blocker |
| Notice | Serve static file to POST requests | kr/nginx-notice |
| OCSP proxy | OCSP processing module designed for response caching | kyprizel/nginx_ocsp_proxy-module |
| OpenSSL Version | OpenSSL minimum version constraints in configuration | apcera/nginx-openssl-version |
| Owner Match | Provides a simple file owner-based access control | Download |
| PageSpeed | Rewrites webpages and associated assets to reduce latency and bandwidth | pagespeed/ngx_pagespeed |
| PHP | Embedded php script language for nginx-module | rryqszq4/ngx_php |
| PHP Session Parser | Extract values that are stored in a serialized PHP session | replay/ngx_http_php_session |
| PHP-Memache Standard Hash | Load balancer that imitates the PHP-Memcache standard hash’s behaviour | replay/ngx_http_php_memcache_standard_balancer |
| POST authentication | Authentication and authorization via POST request and PAM | veruu/ngx_form_auth |
| Postgres | Allows NGINX to communicate directly with PostgreSQL database | Download |
| Pubcookie | Adds Pubcookie-based cross-site authentication method to NGINX | ivandeex/pubcookie |
| HTTP Push Stream | Turns NGINX into an adept stream HTTP Push server | wandenberg/nginx-push-stream-module |
| HTTP rDNS | Makes a reverse DNS lookup and provides control of incoming hostname | flant/nginx-http-rdns |
| RDS CSV | Helps ngx_drizzle, ngx_postgres, and others emit Comma-Separated Values | openresty/rds-csv-nginx-module |
| RDS JSON | Helps ngx_drizzle, ngx_postgres, and others emit JSON data | openresty/rds-json-nginx-module |
| HTTP Redis | Redis support module | Download |
| HTTP Redis2 | HTTP Upstream module for the full Redis 2.0 protocol | openresty/redis2-nginx-module |
| HTTP Tarantool | HTTP Upstream module for communicate with Tarantool DB | tarantool/nginx_upstream_module |
| Replace Filter | Performs regular expression substitutions on response bodies | openresty/replace-filter-nginx-module |
| Roboo | HTTP Robot Mitigator that integrates easily with NGINX | yuri-gushin/Roboo/downloads |
| RRD Graph | This module provides an HTTP interface to RRDtool’s graphing facilities | evanmiller/mod_rrd_graph |
| RTMP | RTMP protocol support. Live streaming and video on demand | arut/nginx-rtmp-module |
| RTMPT module | Proxy RTMP packages using stadard HTTP requests | kwojtek/nginx-rtmpt-proxy-module |
| Sass | Compiles SASS files in NGINX before sending the response | mneudert/sass-nginx-module |
| Secure Download | Create expiring links | replay/ngx_http_secure_download |
| Selective Cache Purge | A cache purge module that allows GLOB expressions like .jpg or /test | wandenberg/nginx-selective-cache-purge-module |
| Set CConv | Conversion between Simplified and Traditional Chinese at rewrite phase | liseen/set-cconv-nginx-module |
| Set Hash | Set a variable to hash functions, including MD5, SHA1 and Murmurhash 2 | simpl/ngx_http_set_hash |
| Set Lang | Set a variable to indicate the language based on a variety of sources | simpl/ngx_http_set_lang/downloads |
| HTTP Set Misc | Various set_xxx directives added to NGINX’s rewrite module | openresty/set-misc-nginx-module |
| sFlow | Operational performance monitoring with standard sFlow protocol | Download |
| Shibboleth Auth | Perform authorization based on subrequest to Shibboleth FastCGI app | nginx-shib/nginx-http-shibboleth |
| Slice | NGINX module for serving a file in slices (reverse byte-range) | alibaba/nginx-http-slice |
| SlowFS Cache | Adds ability to cache static files | Download |
| SmallLight | Dynamic Image Transformation Module For NGINX | cubicdaiya/ngx_small_light |
| SOCKS | SOCKS5 proxy module for NGINX | dannote/socks-nginx-module |
| Sorted Querystring | Expose a variable with the parameters ordered to be used as a cache_key | wandenberg/nginx-sorted-querystring-module |
| Sphinx | NGINX upstream module for Sphinx 2.x | reeteshranjan/sphinx2-nginx-module |
| SPNEGO | Support for SPNEGO/gssapi in NGINX | stnoonan/spnego-http-auth-nginx-module |
| HTTP SRCache | Transparent subrequest-based caching layout for NGINX locations | openresty/srcache-nginx-module |
| SSSD info | Retrieves and exposes additional user attributes from SSSD | veruu/ngx_sssd_info |
| Static etags | Generates etags for static content | mikewest/nginx-static-etags |
| Statsd | Adds the ability for NGINX to interacting with Statsd | zebrafishlabs/nginx-statsd |
| Sticky upstream | Adds an upstream server persistance using cookies | nginx-goodies/nginx-sticky-module-ng/get/master.tar.gz |
| STS | A stream traffic status module | vozlt/nginx-module-sts |
| Subrange | Split one big HTTP/Range request to multiple subrange requesets | Qihoo360/ngx_http_subrange_module |
| Substitutions | Performs regular expression and string substitutions on response bodies | yaoweibin/ngx_http_substitutions_filter_module |
| Summarizer | An upstream module for Summarizer 1.0 | reeteshranjan/summarizer-nginx-module |
| Supervisord | Communicate with supervisord and manage backends on-demand | Download |
| Sync Upstreams | Syncing upstreams from etcd or consul, needn’t reload nginx(HTTP Module) | weibocom/nginx-upsync-module |
| Sync Upstreams | Syncing upstreams from etcd or consul, needn’t reload nginx(TCP Module) | xiaokai-wang/nginx-stream-upsync-module |
| SysGuard | A module to protect the system against too high load | vozlt/nginx-module-sysguard |
| TCP Proxy | TCP proxy with NGINX, includes health check and status monitor | yaoweibin/nginx_tcp_proxy_module |
| TestCookie module | Simple robot (DDoS) mitigation module | kyprizel/testcookie-nginx-module |
| Types Filter | Changes the Content-Type output header on specified conditions | flygoast/ngx_http_types_filter |
| UnZip | serve file directly from the archives | youzee/nginx-unzip-module |
| Upload | Handles file uploads using multipart/form-data encoding (RFC 1867) | vkholodkov/nginx-upload-module |
| NGINX Upload Progress Module | Tracks and reports upload progress | masterzen/nginx-upload-progress-module |
| Url | A module to convert uri to user-defined encoding | vozlt/nginx-module-url |
| User Agent | A more powerful module than the native BrowserModule | alibaba/nginx-http-user-agent |
| Video Thumb Extractor | NGINX module to extract thumbs from a video file | wandenberg/nginx-video-thumbextractor-module |
| VOD | Repackage MP4 files for streaming in HLS, HDS, MSS and DASH | kaltura/nginx-vod-module |
| VTS | A virtual host and upstream traffic status module | vozlt/nginx-module-vts |
| XSS | Native support for cross-site scripting (XSS) | openresty/xss-nginx-module |
| Zip | Assemble ZIP archives on the fly | evanmiller/mod_zip |
4. 配置简介
- 配置文件基本结构
main
http {
upstream {
...
}
server {
listen IP:PORT;
location /URL {
if ... {
...
}
root "/path/to/somewhere";
...
}
}
server {
...
}
}
mail {
...
}
- 配置语法格式
- 配置指令要以分号结尾
- directive value1 [value2...];
- 支持使用变量
- 模块内置变量
- 自定义变量set var_name value
5. 官方模块
模块相关参考链接:扣扣的小木屋 > 使用 Nginx 实现 TCP 反向代理 > 使用 Nginx 实现 UDP 反向代理 > 使用 Nginx 自带 Realip 模块获取用户真实 IP 地址
| 模块名称 | 提供什么功能或服务 | 模块常用指令 |
|---|---|---|
| ngx_http_access_module | 该模块允许或禁止某些客户端地址才能访问特点服务 | allow、deny |
| ngx_http_auth_basic_module | 该模块允许通过使用HTTP Basic Authentication协议验证用户名和密码来限制对资源的访问;访问也可以通过密码、子请求的结果或JWT来限制(由其他模块提供) | auth_basic、auth_basic_user_file |
| ngx_http_auth_jwt_module | 该模块通过使用指定的键验证提供的JSON Web令牌(JWT)来实现客户端授权;该模块可用于OpenID Connect身份验证 | - |
| ngx_http_auth_request_module | 该模块根据子请求的结果实现客户端授权;如果子请求返回2xx响应代码便允许访问,如果它返回401或403便拒绝访问相应的错误代码,子请求返回的任何其他响应代码被视为错误;此模块不是默认构建的,应使用--with-http_auth_request_module配置参数启用;模块可以与其他访问模块组合,但需要通过allocate指令 | auth_request、auth_request_set |
| ngx_http_addition_module | 该模块是一个在响应之前和之后添加文本的过滤器;此模块不是默认构建的,应使用--with-http_addition_module配置参数启用 | - |
| ngx_http_autoindex_module | 该模块处理以斜杠字符(/)结尾的请求并生成目录列表;通常,当ngx_http_index_module模块找不到索引文件时,会将请求传递给ngx_http_autoindex_module模块 | autoindex、autoindex_exact_size、autoindex_format、autoindex_localtime |
| ngx_http_browser_module | 该模块创建的变量的值取决于User-Agent请求头字段的值;$modern_browser、$ancient_browser和$msie变量 | ancient_browser、ancient_browser_value、modern_browser、modern_browser_value |
| ngx_http_dav_module | 该模块是为通过WebDAV协议自动管理文件而设计的;该模块处理HTTP和WebDAV的请求方法PUT、DELETE、MKCOL、COPY和MOVE;此模块不是默认构建的,应使用--with-http_dav_module配置参数启用 | - |
| ngx_http_empty_gif_module | 该模块会发出单像素透明GIF | - |
| ngx_http_f4f_module | 该模块为Adobe HTTP动态流(HDS)提供服务器端支持 | - |
| ngx_http_flv_module | 该模块为Flash视频(FLV)文件提供虚拟流服务器端支持;此模块不是默认构建的,应使用--with-http_flv_module配置参数启用 | - |
| ngx_http_geo_module | 该模块根据客户端IP地址创建具有值的变量 | - |
| ngx_http_geoip_module | 该模块使用预编译的MaxMind数据库创建具有取决于客户端IP地址的值的变量;此模块需要MaxMind GeoIP库;此模块不是默认构建的,应使用--with-http_geoip_module配置参数启用 | - |
| ngx_http_gzip_module | 该模块是一个使用gzip方法压缩响应的过滤器;这通常有助于将传输数据的大小减少一半或更多 | gzip、gzip_buffers、gzip_comp_level、gzip_disable、gzip_min_length、gzip_http_version、gzip_proxied、gzip_types、gzip_vary |
| ngx_http_gzip_static_module | 该模块允许发送带有.gz文件扩展名的预压缩文件而不是常规文件;此模块不是默认构建的,应使用--with-http_gzip_static_module配置参数启用 | gzip_static |
| ngx_http_gunzip_module | 该模块是一个过滤器,用于对不支持gzip编码方法的客户端使用Content-Encoding:gzip解压缩响应;当希望存储压缩的数据以节省空间并降低I/O成本时,该模块将是有用的;此模块不是默认构建的,应使用--with-http_gunzip_module配置参数启用 | gunzip、gunzip_buffers |
| ngx_http_headers_module | 该模块允许将Expires和Cache-Control报头字段和任意字段添加到响应标头 | add_header、expires |
| ngx_http_image_filter_module | 该模块是一个以JPEG、GIF、PNG和WebP格式转换图像的过滤器;此模块使用libgd库,建议使用库的最新可用版本;此模块不是默认构建的,应使用--with-http_image_filter_module配置参数启用 | image_filter、image_filter_buffer、image_filter_interlace、image_filter_jpeg_quality |
| ngx_http_index_module | 该模块处理以斜杠字符/结尾的请求;这些请求也可以由ngx_http_autoindex_module和ngx_http_random_index_module模块处理 | index、ngx_http_js_module |
| ngx_http_limit_conn_module | 该模块用于限制每个定义的键的请求连接数,特别是来自单个IP地址的连接数,并非所有连接都被计数;只有当连接具有由服务器处理的请求并且整个请求头已经被读取时,才对连接进行计数 | limit_conn、limit_conn_log_level、limit_conn_status、limit_conn_zone |
| ngx_http_limit_req_module | 该模块用于限制每个定义的键的请求处理速率,特别是来自单个IP地址的请求的处理速率;使用leaky bucket方法进行限制 | limit_req、limit_req_log_level、limit_req_status、limit_req_zone |
| ngx_http_map_module | 该模块创建变量的值取决于其他变量的值 | - |
| ngx_http_memcached_module | 该模块从memcached服务器获取响应;键在$memcached_key变量中设置;应该通过nginx外部的方式预先将响应放在memcached中 | - |
| ngx_http_mp4_module | 该模块为MP4文件提供伪流式服务器端支持;此类文件通常具有.mp4、.m4v或.m4a文件扩展名 | - |
| ngx_http_perl_module | 该模块用于在Perl中实现位置和变量处理程序,并将Perl调用插入到SSI中;此模块不是默认构建的,应使用--with-http_perl_module配置参数启用 | |
| ngx_http_random_index_module | 该模块处理以斜杠字符(/)结尾的请求,并选择目录中的随机文件作为索引文件; 模块在ngx_http_index_module模块之前处理;此模块不是默认构建的,应使用--with-http_random_index_module配置参数启用 | random_index |
| ngx_http_realip_module | 该模块用于将客户端地址和可选端口更改为在指定的头字段中发送的端口;此模块不是默认构建的,应使用--with-http_realip_module配置参数启用 | real_ip_header、real_ip_recursive |
| ngx_http_referer_module | 该模块用于阻止对Referer头字段中具有无效值的请求对站点的访问;应该记住,使用适当的Referer字段值来构造请求是非常容易的,因此该模块的预期目的不是彻底阻止这种请求,而是阻止普通浏览器发送的请求的大量流动;还应该考虑到,即使对于有效的请求,常规浏览器也可能不发送Referer字段。 | referer_hash_bucket_size、referer_hash_max_size、valid_referers |
| ngx_http_rewrite_module | 该模块用于使用PCRE正则表达式更改请求URI,返回重定向并有条件地选择配置 | break、if、return、rewrite、rewrite_log、set、uninitialized_variable_warn |
| ngx_http_scgi_module | 该模块允许将请求传递到SCGI服务器 | - |
| ngx_http_secure_link_module | 该模块用于检查请求的链接的真实性,保护资源免受未经授权的访问,并限制链接的生存期;此模块不是默认构建的,应使用--with-http_secure_link_module配置参数启用 | - |
| ngx_http_session_log_module | 该模块启用日志记录会话(即多个HTTP请求的聚合),而不是单个HTTP请求;此模块可作为商业版本的一部分 | - |
| ngx_http_slice_module | 该模块是一个将请求拆分为子请求的过滤器,每个返回一定范围的响应,过滤器提供更有效的缓存大响应;此模块不是默认构建的,应使用--with-http_slice_module配置参数启用 | - |
| ngx_http_split_clients_module | 该模块创建适合A/B测试的变量,也称为拆分测试 | split_clients |
| ngx_http_ssi_module | 该模块是一个过滤器,用于处理通过它的响应中的SSI(服务器端包含)命令;目前,支持的SSI命令列表不完整 | |
| ngx_http_ssl_module | 该模块为HTTPS提供必要的支持;此模块不是默认构建的,应使用--with-http_ssl_module配置参数启用 | ssl、ssl_buffer_size、ssl_certificate、ssl_certificate_key、ssl_ciphers、ssl_client_certificate、ssl_password_file |
| ngx_http_status_module | 该模块提供对基本状态信息的访问;此模块不是默认构建的,应使用--with-http_stub_status_module配置参数启用 | stub_status |
| ngx_http_sub_module | 该模块是一个过滤器,通过用另一个替换一个指定的字符串来修改响应;此模块不是默认构建的,应使用--with-http_sub_module配置参数启用 | sub_filter、sub_filter_last_modified、sub_filter_once |
| ngx_http_userid_module | 该模块设置适合客户端标识的cookie;接收和设置的Cookie可以使用嵌入式变量$uid_got和$uid_set记录;此模块与Apache的mod_uid模块兼容 | userid、userid_domain、userid_expires、userid_name、userid_path |
| ngx_http_v2_module | 该模块提供对HTTP/2的支持,并取代ngx_http_spdy_module模块;此模块不是默认构建的,应使用--with-http_v2_module配置参数启用 | - |
| ngx_http_xslt_module | 该模块是一个过滤器,它使用一个或多个XSLT样式表转换XML响应;此模块需要libxml2和libxslt库;此模块不是默认构建的,应使用--with-http_xslt_module配置参数启用 | xml_entities、xslt_last_modified、xslt_param |
| ngx_http_charset_module | 该模块添加指定的字符集的Content-Type响应标头字段 | charset、charset_map、charset_types |
| ngx_http_hls_module | 该模块提供HTTP流媒体直播(HLS)服务器端支持MP4和MOV媒体文件;这些文件通常有.mp4、.m4v、.m4a、.mov或.qt文件名扩展 | hls |
| ngx_http_js_module | 该模块用于实现nginScript程序的处理 | js_include、js_content |
| ngx_http_keyval_module | 该模块创建变量值从键值对管理的 API | keyval、keyval_zone |
| ngx_http_log_module | 该模块用于定义请求日志格式 | access_log、log_format、open_log_file_cache |
| ngx_http_memcached_module | 该模块是用于获得从memcached服务器响应;关键是在$memcached_key变量中设置 | memcached_bind、memcached_buffer_size |
| ngx_http_mirror_module | 利用mirror模块,业务可以将线上实时访问流量拷贝至其他环境,基于这些流量可以做版本发布前的预先验证,进行流量放大后的压测等等 | mirror |
| ngx_http_upstream_module | 该模块设置负载均衡 | upstream、server |
| ngx_http_uwsgi_module | 该模块提供对Python动态内容的支持 | uwsgi_pass、uwsgi_cache |
| ngx_stream_core_module | 该模块支持TCP协议/UDP协议的代理和负载均衡,即四层模型的支持 | server、listen |
