CentOS 8 Nginx 配置(限流 + 反向代理)
检查配置与路径
nginx -t # 检查配置文件语法
# 服务目录:/opt/nginx
# 配置文件:/etc/nginx/nginx.conf
主配置 nginx.conf(含限流区)
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
# 限流区:每 IP 每秒 60 个请求
limit_req_zone $binary_remote_addr zone=one:10m rate=60r/s;
include /etc/nginx/conf.d/*.conf; # 统一管理 server 配置
}
反向代理 server 示例(conf.d/*.conf)
server {
listen 80;
server_name <你的域名>;
location / {
limit_req zone=one burst=5 nodelay;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range;
proxy_redirect off;
proxy_pass http://127.0.0.1:1208;
client_max_body_size 307200m; # 上传文件大小上限
}
}
静态站点 server 示例(含 COOP/COEP 头)
server {
listen 8999;
server_name 127.0.0.1;
access_log /var/log/nginx/usd.access.log main;
location / {
root /usr/share/nginx/html/usd/dist;
index index.html index.htm;
add_header 'Cross-Origin-Embedder-Policy' 'require-corp';
add_header 'Cross-Origin-Opener-Policy' 'same-origin';
}
}
原文链接:https://www.ssssmy.com/notes/centos-8-nginx-pei-zhi-xian-liu-fan-xiang-dai-li