NGINX升级
yum版nginx
备份现有的配置文件
yum安装的默认在/ect/nginx 目录,安全旗舰将整个目录备份到其它文件夹中。
yum安装版升级
查看nginx当前版本
当前的版本是1.20.1。
[root@localhost ~]# nginx -v
nginx version: nginx/1.20.1将nginx升级到1.24版本
1,首先下载需要的rmp包 https://nginx.org/packages/centos/7/x86_64/RPMS/
2,将rpm包上传到服务器,进行本机安装。
rpm -ivh nginx-1.24.0-1.el7.ngx.x86_64.rpm这里nginx-1.24.0-1.el7.ngx.x86_64.rpm需要指定具体路径。
可能出现文件冲突的错误:
[root@localhost ~]# rpm -ivh nginx-1.24.0-1.el7.ngx.x86_64.rpm
Preparing... ################################# [100%]
file /usr/sbin/nginx from install of nginx-1:1.24.0-1.el7.ngx.x86_64 conflicts with file from package nginx-1:1.20.1-1.el7.ngx.x86_64
file /etc/nginx/mime.types from install of nginx-1:1.24.0-1.el7.ngx.x86_64 conflicts with file from package nginx-1:1.20.1-1.el7.ngx.x86_64
file /usr/libexec/initscripts/legacy-actions/nginx/check-reload from install of nginx-1:1.24.0-1.el7.ngx.x86_64 conflicts with file from package nginx-1:1.20.1-1.el7.ngx.x86_64
file /usr/libexec/initscripts/legacy-actions/nginx/upgrade from install of nginx-1:1.24.0-1.el7.ngx.x86_64 conflicts with file from package nginx-1:1.20.1-1.el7.ngx.x86_64
file /usr/sbin/nginx-debug from install of nginx-1:1.24.0-1.el7.ngx.x86_64 conflicts with file from package nginx-1:1.20.1-1.el7.ngx.x86_64
file /usr/share/nginx/html/50x.html from install of nginx-1:1.24.0-1.el7.ngx.x86_64 conflicts with file from package nginx-1:1.20.1-1.el7.ngx.x86_64
file /usr/share/nginx/html/index.html from install of nginx-1:1.24.0-1.el7.ngx.x86_64 conflicts with file from package nginx-1:1.20.1-1.el7.ngx.x86_64解决:
首先,卸载原来的版本,根据冲突提示是nginx-1:1.20.1-1.el7.ngx.x86_64这个rpm包,或者使用 rpm -qa | grep nginx查看rpm包。
root@localhost ~]# rpm -qa | grep nginx
nginx-1.20.1-1.el7.ngx.x86_64卸载1.20.1 rpm包 rpm -e nginx-1:1.20.1-1.el7.ngx.x86_64 --nodeps,--nodeps 忽略依赖关系检查,允许在不考虑依赖的情况下强行卸载软件包。这个操作本身不会直接修改Nginx的配置文件。
再次执行rpm -ivh nginx-1.24.0-1.el7.ngx.x86_64.rpm,看到已经成功升级到了1.24版本。
[root@localhost ~]# rpm -ivh nginx-1.24.0-1.el7.ngx.x86_64.rpm
Preparing... ################################# [100%]
Updating / installing...
1:nginx-1:1.24.0-1.el7.ngx ################################# [100%]
----------------------------------------------------------------------
Thanks for using nginx!
Please find the official documentation for nginx here:
* https://nginx.org/en/docs/
Please subscribe to nginx-announce mailing list to get
the most important news about nginx:
* https://nginx.org/en/support.html
Commercial subscriptions for nginx are available on:
* https://nginx.com/products/
----------------------------------------------------------------------
[root@localhost ~]# nginx -v
nginx version: nginx/1.24.0重启服务:
systemctl restart nginx如何将版本回退
首先卸载当前的rpm包,查看rpm包 rpm -qa | grep nginx
[root@localhost ~]# rpm -qa | grep nginx
nginx-1.24.0-1.el7.ngx.x86_64卸载:rpm -e nginx-1:1.20.1-1.el7.ngx.x86_64 --nodeps
yum重新安装,可以指定版本。我的仓库是官方最新版所以安装完是1.26版本了,安装时指定1.20就是1.20版本了。
[root@localhost ~]# yum install nginx
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.bfsu.edu.cn
* extras: mirrors.bfsu.edu.cn
* updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package nginx.x86_64 1:1.26.1-2.el7.ngx will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================================================================================================================================================================================================
Package Arch Version Repository Size
================================================================================================================================================================================================================================================================
Installing:
nginx x86_64 1:1.26.1-2.el7.ngx nginx-stable 807 k
Transaction Summary
================================================================================================================================================================================================================================================================
Install 1 Package
Total size: 807 k
Installed size: 2.8 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Warning: RPMDB altered outside of yum.
Installing : 1:nginx-1.26.1-2.el7.ngx.x86_64 1/1
----------------------------------------------------------------------
Thanks for using nginx!
Please find the official documentation for nginx here:
* https://nginx.org/en/docs/
Please subscribe to nginx-announce mailing list to get
the most important news about nginx:
* https://nginx.org/en/support.html
Commercial subscriptions for nginx are available on:
* https://nginx.com/products/
----------------------------------------------------------------------
Verifying : 1:nginx-1.26.1-2.el7.ngx.x86_64 1/1
Installed:
nginx.x86_64 1:1.26.1-2.el7.ngx
Complete!
[root@localhost ~]# nginx -v
nginx version: nginx/1.26.1编译安装nginx
安装包下载地址
https://nginx.org/en/download.html安装编译文件库
yum -y install make zlib zlib-devel gcc-c++ libtool openssl openssl-devel安装 PCRE
wget http://downloads.sourceforge.net/project/pcre/pcre/8.35/pcre-8.35.tar.gz
tar zxvf pcre-8.35.tar.gz
cd pcre-8.35
./configure
make && make install
pcre-config --version安装NGINX
进入到NGINX解压目录
./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-pcre make
make install启动NGINX
/usr/local/nginx/sbin/nginx版本升级
安装包上传编译
tar -zxvf nginx-1.24.0.tar.gz
cd nginx-1.24.0/
./configure --prefix=/tmp/nginx --with-http_ssl_module --with-http_stub_status_module --with-pcre
make
make install替换旧版本
将新编译的NGINX /tmp/nginx/sbin/nginx拷贝到 /usr/local/nginx/sbin/目录下替换掉之前编辑的nginx,替换前先将老的备份。
[root@localhost sbin]# ./nginx -v
nginx version: nginx/1.24.0可以看到已经替换为新版本,重启启动NGINX即可。
统信系统nginx
apt安装
apt-get install nginxnginx -v 查看版本
编译安装
openssl下载
//解压
# tar -zxvf openssl-3.0.1.tar.gz
//进目录
#cd openssl-3.0.1
//编译
#./config
//安装
# make && make install
pcre下载
//解压
# tar -zxvf pcre2-10.39.tar.gz
//进目录
#cd pcre-10.39
//编译
#./configure
//安装
#make && make install
//查看版本
# pcre-config --versionzlib下载
//解压
#tar -zxvf zlib-1.2.11.tar.gz
//进目录
#cd zlib-1.2.11
//编译
#./configure
//安装
#make && make install
nginx下载
//解压
#tar -zxvf nginx-1.21.6.tar.gz
//进目录
#cd nginx-1.21.6
//编译
#./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-pcre
//安装
#make && make install升级
将apt安装的nginx /usr/sbin/nginx进行备份,并将编译安装的nginx /usr/local/nginx/sbin/nginx 替换到 /usr/sbin/目录下。
nginx -v 查看nginx是否为新版本。
相关软件包
链接:https://pan.baidu.com/s/1STO6ieXhnjmF7ckhxsv9ag
提取码:quxpNGINX代理配置
相同端口代理不同服务
server {
listen 80;
server_name your-proxy1.com;
location / {
proxy_pass http://12.152.6.65:80/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 超时设置
proxy_connect_timeout 30s;
proxy_read_timeout 30s;
}
}
server {
listen 80;
server_name your-proxy2.com;
location / {
proxy_pass http://12.152.6.66:80/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 30s;
proxy_read_timeout 30s;
}
}本地绑host访问如:
101.66.32.11 your-proxy1.com
101.66.32.11 your-proxy2.comNGINX配置遍历目录漏洞
server {
listen 3001;
server_name localhost;
if ($request_uri ~* "(\.\.|%2e%2e|%252e%252e|\\|%5c|%255c)") {
return 403;
}
location / {
if ($request_uri ~* (\.\.)) {
return 403;
}
if ($request_uri ~* (%2e%2e/|%2e%2e%5c|%252e%252e/)) {
return 403;
}
proxy_pass http://localhost:3000;
proxy_redirect ~^http(s)?://[^/]+(/.*)$ http://$remote_addr$1;
if ($request_uri ~* ^.*/redirect/.*https?://) {
return 403;
}
# 标准代理头配置
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 超时设置
proxy_connect_timeout 300s;
proxy_read_timeout 300s;
}
}
评论区