和客户端请求相关的配置:

12、keepalive_timeout timeout [header_timeout];

       设定保持连接的超时时长,0表示禁止长连接 ;默认为75s;

                           

13、keepalive_requests number;

       在一次长连接上所允许请求的资源的最大数量,默认为100;

                           

14、keepalive_disable none | browser ...;

       对哪种浏览器禁用长连接;

                           

15、send_timeout time;

       向客户端发送响应报文的超时时长; 特别地,是指两次写操作之间的间隔时长;

                    

16、client_body_buffer_size size;

       用于接收客户端请求报文的body部分的缓冲区大小;默认为16k;超时此大小时,其将被暂存到磁盘上;

                           

17、client_body_temp_path path [level1 [level2 [level3]]];

       设定用于存储客户端请求报文的body部分的临时存储路径及子目录结构和数量;

                           

       /var/tmp/body  2 1 2

              00-ff

*******************************************************************

对客户的请求进行限制的相关配置:

18、limit_rate rate;

       限制响应给客户端的传输速率,单位是bytes/second,0表示无限制;

                           

19、limit_except method ... { ... };

       限制对指定的请求方法之外的其它方法的使用客户端;

                           

       limit_except GET POST {

              allow  172.18.0.0/16;

              deny all;

       }

                           

       表示除了GET和POST之外的其它方法仅允许172.18.0.0/16中的主机使用;

******************************************************************

              文件操作优化的配置:

                     20、aio on | off | threads[=pool];

                            是否启用aio功能;(异步传输功能) 异步传输时线程池的大小

                           

                     21、directio size | off;  设定直接io的大小 或关闭

直接io:写时 数据不在内存中缓存而直接写入磁盘

                           

                     22、open_file_cache off;

                            open_file_cache max=N [inactive=time];

                                   nginx可以缓存以下三种信息:

                                          (1) 文件的描述符、文件大小和最近一次的修改时间;

                                          (2) 打开的目录的结构;

                                          (3) 没有找到的或者没有权限访问的文件的相关信息;

                                         

                                   max=N:可缓存的缓存项上限;达到上限后会使用LRU算法实现缓存管理;

                                  

                                   inactive=time:缓存项的超时时长,在此处指定的时长内未被命中的缓存项即为非活动项;

                                  

                     23、open_file_cache_errors on | off;

                            是否缓存查找时发生错误的文件一类的信息;

                           

                     24、open_file_cache_min_uses number;

                            在open_file_cache指令的inactive参数指定的时长内,至少命中此处指定的次数方可不被归类到非活动项;

                           

                     25、open_file_cache_valid time;

                            缓存项有效性的检查频率;默认是60s;

************************************

模块相关:

ngx_http_access_module模块:

                     实现基于ip的访问控制功能;

                    

                     26、allow address | CIDR | unix: | all;

                     27、deny address | CIDR | unix: | all;

                     可用上下文:http, server, location, limit_except

************************************

              ngx_http_auth_basic_module模块:

                     28、auth_basic string | off;

                            使用basic机制进行用户认证;

                           

                     29、auth_basic_user_file file;

                            认证用的账号密码文件;                           

                            文件格式:

                                   name:password:commet                                  

                            密码格式:

                                   htpasswd命令;httpd提供

                                  

                                   location /admin/ {

                                   auth_basic "Admin Area";

                                   auth_basic_user_file /etc/nginx/.ngxpasswd;

                                   }

************************************

              ngx_http_stub_status_module模块:(需要自定义location)

                     用于输出nginx的基本状态信息;

                    

                     Active connections: 1

                     server accepts handled requests

                     155 155 298

                     Reading: 0 Writing: 1 Waiting: 0              

                    

                     Active connections:  处于活动状态的客户端连接的数量;

                     accepts:已经接受的客户端请求的总数;

                     handled:已经处理完成的客户端请求的总数;

                     requests:客户端发来的总的请求数;

                     Reading:处于读取客户端请求报文首部的连接数;

                     Writing:处于向客户端发送响应报文过程中的连接数;

                     Waiting:处于等待客户端发出请求的空闲连接数;

Location /status {

Stub_status;

}

************************************

       ngx_http_referer_module模块:

                     The ngx_http_referer_module module is used to block access to a site for requests with invalid values in the “Referer” header field.

                    

                     30、valid_referers none | blocked | server_names | string ...;

                            定义合法的referer数据;

                           

                            none:请求报文首部没有referer首部;

                            blocked:请求报文的referer首部没有值;

                            server_names:其值是主机名;

                            arbitrary string:直接字符串,可以使用*作为通配符;

                            regular expression:被指定的正则表达式模式匹配到的字符串;要使用~起始;

                           

                            valid_referers none blocked server_names *.magedu.com magedu.* ~\.magedu\.;

                           

                            if ($invalid_referer) {

                                   return 403;

                            }             

************************************

************************************

************************************

************************************

************************************