1. Persisting Firewall Port Rules When exposing services to external traffic, port configurations must survive system reboots. Using firewalld, rules are applied to the runtime environment by default. To make them permanent, append the --permanent flag: sudo firewall-cmd --zone=public --add-port=808...
One-Way TLS Authentication In one-way TLS, only the client verifies the server's identity. The server presents its certificate, the client validates it, and a secure session is established without the server checking the client's certificate. This is typical for public websites. The handshake procee...
Setting Up the Nginx Environment This setup uses CentOS 7 with properly configured yum repositories. For those needing repository configuration, the Alibaba Cloud mirror site provides necessary resources. Begin by creating and navigating to the Nginx directory: mkdir -p /soft/nginx cd /soft/nginx Do...
Installing and Starting Nginx Install the Nginx package using yum: sudo yum install nginx -y Start the Nginx service: sudo systemctl start nginx Enable Nginx to start on system boot: sudo systemctl enable nginx Verifying Service Status Check the current status of the Nginx service: sudo systemctl st...
Default Nginx Configuration To examine the default configuration files for Nginx, inspect /etc/nginx/nginx.conf. The end of this file typically includes directives that load all .conf file from /etc/nginx/conf.d/. Check the contents of /etc/nginx/conf.d/: ls /etc/nginx/conf.d/ By default, two config...
Nginx is a lightweight, high-performance web server and reverse proxy server developed by Igor Sysoev from Russia. It excels in handling high concurrency, with reports indicating support for up to 50,000 simultaneous connections. Nginx Features Nginx is widely adopted in internet projects due to sev...
Nginx Built-in Modules --prefix=/usr/local/nginx # Installation directory --sbin-path=/usr/local/nginx/sbin/nginx # Binary executable path --conf-path=/usr/local/nginx/conf/nginx.conf # Configuration file path --error-log-path=/var/log/nginx/error.log # Error log location --pid-path=/var/run/nginx.p...
To create a lightweight Docker image based on Alpine Linux that includes Nginx and PHP-FPM (an LNP stack), start by defining a base PHP layer. For compatibility with legacy applications, use PHP 5.6 on Alpine 3.3: # php5.dockerfile FROM alpine:3.3 ENV TIMEZONE=Asia/Shanghai \ PHP_MEMORY_LIMIT=512M \...
Rate Limiting Nginx provides two distinct types of rate limiting mechanisms: Connection frequency control via limit_conn_module Request frequency control via limit_req_module HTTP Connection vs Request Behavior HTTP operates over TCP, requiring a three-way handshake before data transfer begins. Once...
Virtual Host Setup Each server block in Nginx represents a virtual host. Valid configurations include same port/different domain or same domain/different port. Nginx’s default main configuration includes all .conf files under conf.d via include /usr/local/nginx/conf.d/*.conf;. Create a new file ther...