在configurationDrupal和nginx一起工作之后,我想出了一个网站的下面的configuration。 它运行良好,无论是私人和公共文件系统。 然而,因为我对nginx相当陌生,所以我想听听是否有这样的configuration,我应该改变(为
请注意! 我的目标是获得有关通用Drupalconfiguration的反馈。 也就是说,其他正在尝试Drupal + nginx的configuration可以“复制粘贴”来启动和运行。
更新1:我(希望)稍微改进了configuration文件,并且添加了描述性注释来解释文件的各个部分在做什么。 根据input,我也启用了“open_file_cache”指令。
/etc/nginx/nginx.conf(部分)
# Cache information about local files. open_file_cache max=1000 inactive=3600s; open_file_cache_errors on; open_file_cache_min_uses 3; open_file_cache_valid 1800s; /etc/nginx/sites-available/example.conf
server { listen 80; server_name ~^(www\.)?((example|example-web).+)$; access_log /home/example/www/logs/access.log; error_log /home/example/www/logs/error.log; root /home/example/www/public_html; # Do not log events related to 'favicon.ico'. location = /favicon.ico { log_not_found off; access_log off; } # Do not log events related to 'robots.txt'. location = /robots.txt { allow all; log_not_found off; access_log off; } # Do not allow access to certain file types from outside the # network, regardless of their location in the file system. location ~* \.(txt|log|htaccess|htpassword)$ { allow 10.0.0.0/8; allow 172.16.0.0/12; allow 192.168.0.0/16; deny all; } # Requests are by default rewritten as defined in the @rewrite # location location / { try_files $uri @rewrite; } # The path '/system/files' is a virtual path managed by Drupal, # and thus needs to be handled by Drupal. Logging is disabled # for these requests, and server response is set to expire # after 7 days. location ~* /system/files/ { try_files $uri @rewrite; expires 7d; access_log off; } # Images and static content, which is defined as specific file # types, will be served directly by Nginx. These requests will # not be logged, and is set to expire after 30 days. location ~* \.(jpg|jpeg|gif|css|png|js|ico|xml)$ { access_log off; expires 30d; } # All requests are handled by index.php, and we need to make # sure that this still happens even if the site runs with clean # urls enabled. location @rewrite { rewrite_log on; rewrite ^/(.*)$ /index.php?q=$1; } # Delegate handling of '.php' files to PHP. location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(.*)$; fastcgi_pass unix:/var/run/example.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_intercept_errors on; fastcgi_ignore_client_abort off; fastcgi_connect_timeout 60; fastcgi_send_timeout 180; fastcgi_read_timeout 180; fastcgi_buffer_size 128k; fastcgi_buffers 4 256k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; } }
这个configuration应该工作。 但是,为什么你应该对哼唱,当你可以用nginx尖叫呢! 您应该考虑添加以下指令以提高性能这里有一个全面的Nginx.conf,您可以select和select指令,并查看哪些工作适合您。 大多数应该工作,因为这个configuration是为静态HTML文件提供服务。 你可能想把服务器块和它的指令放在你的default.conf和nginx.conf中的nginx指令中,因为这两个指令都在一个nginx.conf中,不像你上面的configuration:
worker_processes 3; #worker_rlimit_nofile 1024; events { worker_connections 64; } http { ## Size Limits #client_body_buffer_size 8k; #client_header_buffer_size 1k; #client_max_body_size 1m; #large_client_header_buffers 4 4k/8k; ## Timeouts #client_body_timeout 60; #client_header_timeout 60; keepalive_timeout 300 300; #send_timeout 60; ## General Options charset utf-8; default_type application/octet-stream; ignore_invalid_headers on; include /etc/mime.types; keepalive_requests 20; #keepalive_disable msie6; max_ranges 0; #open_file_cache max=1000 inactive=1h; #open_file_cache_errors on; #open_file_cache_min_uses 3; #open_file_cache_valid 1m; postpone_output 1460; recursive_error_pages on; reset_timedout_connection on; sendfile on; server_tokens off; #server_name_in_redirect on; source_charset utf-8; #tcp_nodelay on; #tcp_nopush off; ## Request limits limit_req_zone $binary_remote_addr zone=gulag:1m rate=60r/m; ## Compression gzip on; gzip_static on; #gzip_buffers 16 8k; #gzip_comp_level 1; #gzip_http_version 1.0; #gzip_min_length 0; #gzip_types text/plain text/html text/css image/x-icon image/bmp; gzip_vary on; ## Log Format log_format main '$remote_addr $host $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $ssl_cipher $request_time'; ## Deny access to any host other than (www.)mydomain.com. Only use this ## option is you want to lock down the name in the Host header the client sends. # server { # server_name _; #default # return 444; # } ## Server (www.)mydomain.com server { add_header Cache-Control public; access_log /var/log/nginx/access.log main buffer=32k; error_log /var/log/nginx/error.log error; expires max; limit_req zone=gulag burst=200 nodelay; listen 127.0.0.1:80; root /htdocs; server_name mydomain.com www.mydomain; ## Note: if{} sections are expensive to process. Please only use them if you need them ## and take a look lower down on the page for our discussion of if{} statements. ## Only allow GET and HEAD request methods. By default Nginx blocks ## all requests type other then GET and HEAD for static content. # if ($request_method !~ ^(GET|HEAD)$ ) { # return 405; # } ## Deny illegal Host headers. # if ($host !~* ^(mydomain.com|www.mydomain.com)$ ) { # return 405; # } ## Deny certain User-Agents (case insensitive) ## The ~* makes it case insensitive as opposed to just a ~ # if ($http_user_agent ~* (Baiduspider|Jullo) ) { # return 405; # } ## Deny certain Referers (case insensitive) ## The ~* makes it case insensitive as opposed to just a ~ # if ($http_referer ~* (babes|click|diamond|forsale|girl|jewelry|love|nudit|organic|poker|porn|poweroversoftware|sex|teen|video|webcam|zippo) ) { # return 405; # } ## Redirect from www to non-www # if ($host = 'www.mydomain.com' ) { # rewrite ^/(.*)$ http://mydomain.com/$1 permanent; # } ## Stop Image and Document Hijacking location ~* (\.jpg|\.png|\.css)$ { if ($http_referer !~ ^(http://mydomain.com) ) { return 405; } } ## Restricted Access directory by password in the access_list file. location ^~ /secure/ { allow 127.0.0.1/32; allow 10.10.10.0/24; deny all; auth_basic "RESTRICTED ACCESS"; auth_basic_user_file /var/www/htdocs/secure/access_list; } ## Only allow these full URI paths relative to document root. If you only want ## to reference the file name use $request_filename instead of $request_uri. By default ## nginx will only serve out files in "root /htdocs;" defined above so this block is not needed, just an example. # if ($request_uri ~* (^\/|\.html|\.jpg|\.org|\.png|\.css|favicon\.ico|robots\.txt)$ ) { # break; # } # return 405; ## Serve an empty 1x1 gif _OR_ an error 204 (No Content) for favicon.ico location = /favicon.ico { #empty_gif; return 204; } ## System Maintenance (Service Unavailable) if (-f $document_root/system_maintenance.html ) { error_page 503 /system_maintenance.html; return 503; } ## All other errors get the generic error page error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html; location /error_page.html { internal; } } }
您通常应该使用Yslow或Page速度来validation结果,以跟踪您的进度。 如果您正在尝试实现优化,则使用负载testing。 祝你好运!