需要两台nginx,
nginx1,是源
nginx2,是盗取
实验步骤:
在源上安装nginx
1、挂载镜像
[root@kvm122102 Nginx]# mount /dev/cdrom /mnt/
2、安装依赖包
[root@kvm122102 Nginx]# yum -y install gcc gcc-c++ make autoconf openssl openssl-devel
3、安装yum源
[root@kvm122102 Nginx]# tar xf nginx-1.12.1.tar
[root@kvm122102 Nginx]# tar xf pcre-8.40.tar.gz #让nginx支持正则
4、创建用户
[root@kvm122102 Nginx]# useradd -s /sbin/nologin nginx
5、进入到nginx路径
[root@kvm122102 Nginx]# cd nginx-1.12.1/
6、配置
[root@kvm122102 nginx-1.12.1]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module --with-file-aio --with-http_dav_module --with-pcre=/root/Nginx/pcre-8.40
7、编译
[root@kvm122102 nginx-1.12.1]# make
8、安装
[root@kvm122102 nginx-1.12.1]# make install
9、编辑启动配置
[root@kvm122102 nginx-1.12.1]# vim /usr/lib/systemd/system/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
10、启用脚本
[root@kvm122102 nginx-1.12.1]# systemctl daemon-reload
11、启动nginx
[root@kvm122102 nginx-1.12.1]# systemctl start nginx
之后复制nginx到盗取的环境
[root@kvm122102 ~]# scp -r /usr/local/nginx 192.168.122.103:/usr/local/
[root@kvm122102 ~]# scp -r /usr/lib/systemd/system/nginx.service 192.168.122.103:/usr/lib/systemd/system/
在盗取的nginx创建nginx用户
[root@kvm122103 ~]# useradd -s /sbin/nologin nginx
[root@kvm122103 ~]# systemctl restart nginx
[root@kvm122103 ~]# ps -ef | grep nginx
root 1235 1 0 23:48 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
nginx 1236 1235 0 23:48 ? 00:00:00 nginx: worker process
root 1238 1142 0 23:48 pts/0 00:00:00 grep --color=auto nginx
[root@kvm122103 ~]#
在源nginx上编辑
location /status {
stub_status;
}
location ~* \.(txt)$ {
valid_referers none blocked www.102.com;
if ( $invalid_referer ) {
#rewrite ^/ /1.html;
#rewrite ^/ http://192.168.122.103/index.html;
return 404;
}
}
[root@kvm122102 ~]# cat /usr/local/nginx/html/index.html
102
nginx
[root@kvm122102 ~]#
[root@kvm122102 ~]# echo “这是一个盗取的连接,请访问www.102.com” > /usr/local/nginx/html/1.html
[root@kvm122102 ~]# cat /usr/local/nginx/html/a.txt
hello
[root@kvm122102 ~]#
在盗取的环境里进行设置
[root@kvm122103 nginx]# cat /usr/local/nginx/html/index.html
103
nginx
[root@kvm122103 nginx]#
验证结果:
盗取的不能够打开源的信息