使用oneinstack安装LNMP环境,由于默认是缺少两个模块的,所以需要我们编译一下nginx;
首先查看一下nginx -V;
然后git clone https://github.com/yaoweibin/ngx_http_substitutions_filter_module.git 或者wget -O ngx_http_substitutions_filter_module-master.zip https://github.com/yaoweibin/ngx_http_substitutions_filter_module/archive/master.zip 下载下来;
先找到Ngnix的源码包,并解压 cd /root/oneinstack/src/ tar zxf nginx-1.15.tar.gz;解压相应的包。
然后cd nginx-1.15; ./configure –prefix=/usr/local/nginx –user=www –group=www –with-http_stub_status_module –with-http_v2 _module –with-http_ssl_module –with-http_gzip_static_module –with-http_realip_module –with-http_flv_module –wi th-http_mp4_module –with-openssl=../openssl-1.1.1b –with-pcre=../pcre-8.42 –with-pcre-jit –with-ld-opt=-ljemall oc –with-http_sub_module –add-module=/root/ngx_http_substitutions_filter_module-master
make,开始替换编译;
service nginx stop 停止nginx ;
cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.bak 备份nginx;
cp ./objs/nginx /usr/local/nginx/sbin/ 覆盖nginx;
service nginx start 启动nginx 这样就完成nginx的模块添加 接下来就是镜像网站了.
分两种情况,一种http协议的,一种https协议的; http协议的比较简单 HTTP 镜像适用于:
添加虚拟主机时选择不启用 SSL 证书,并且被镜像的域名也没有启用 SSL 证书 打开/usr/local/nginx/conf/vhost 新建abc.com.conf vim abc.com.conf,把以下内容复制到 abc.com.conf
server { listen 80; server_name bbbbb.com;
if ($http_user_agent ~* (baiduspider|360spider|haosouspider|googlebot|soso|bing|sogou|yahoo|sohu-search|yodao|YoudaoBot|robozilla|msnbot|MJ12bot|NHN|Twiceler)) { return 403; }
location / {
sub_filter 被复制的网址.com abc.com;
sub_filter_once off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Referer http://被复制的网址.com;
proxy_set_header Host 被复制的网址.com;
proxy_pass http://被复制的网址.com;
proxy_set_header Accept-Encoding "";
}
}
最后执行:service nginx restart 重启nginx,使其生效。
另外一种是https镜像的; HTTPS 镜像适用于:添加虚拟主机时选择启用SSL证书,并且被镜像的域名也启用了SSL证书 ;
cd /usr/local/nginx/conf/vhost vim abc.com.conf(创建一个网站conf),
根本具体的情况修改:
server {
listen 80; listen 443 ssl http2;
ssl_certificate /usr/local/nginx/conf/ssl/www.abc.com.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/www.abc.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_timeout 10m;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_buffer_size 1400;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
server_name www.abc.com abc.com;
access_log /data/wwwlogs/www.abc.com_nginx.log combined;
index index.html index.htm index.php;
root /data/wwwroot/www.abc.com;
if ($ssl_protocol = "") { return 301 https://$host$request_uri; }
if ($host != www.abc.com) { return 301 $scheme://www.abc.com$request_uri; }
include /usr/local/nginx/conf/rewrite/abc.com.conf;
#error_page 404 /404.html; #error_page 502 /502.html;
if ($http_user_agent ~* (baiduspider|360spider|haosouspider|googlebot|soso|bing|sogou|yahoo|sohu-search|yodao|YoudaoBot|robozilla|msnbot|MJ12bot|NHN|Twiceler)) { return 403; }
location / {
sub_filter www.被复制的网址.com www.abc.com;
sub_filter_once off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Referer https://www.被复制的网址.com;
proxy_set_header Host www.被复制的网址.com;
proxy_pass https://www.被复制的网址.com;
proxy_set_header Accept-Encoding "";
}
}