Posted innginx

Nginx, limit website visitor bandwidth by country

First grab this perl script which you will use to convert Maxmind’s geo IP database into a format usable by Nginx. make it executable Then download Maxmind’s latest GeoLite country database in CSV format. Unzip it, and run perl script Copy nginxGeo.txt into your nginx config directory. Then add the…
Tags: , 2
Posted innginx tls

Nginx enabling TLS SNI support on centos 5

By default centos 5.x has openssl-0.9.8e which is not have tls extention for  sni support. this is workaround on how to get nginx 0.8.48 rpm with TLS SNI enabled

Step 1:

download openssl source, example  openssl-0.9.8l. extract it in /usr/src

$ cd /usr/src
$ wget http://www.openssl.org/source/openssl-0.9.8l.tar.gz
$ tar xvzf openssl-0.9.8l.tar.gz

Step 2:

Download nginx rpm source, example nginx-0.8.49-1.el5.src.rpm

$ wget http://centos.alt.ru/pub/nginx/0.8/RHEL/SRPMS/nginx-0.8.49-1.el5.src.rpm
$ rpm -Uvh nginx-0.8.49-1.el5.src.rpm

Move to directory where the spec file is in and edit nginx.spec

$ cd /path/to/rpm/SPECS/
$ vi nginx.spec
Tags: , , No Comments
Posted infastcgi nginx

Nginx, fastcgi, ‘Hello World’ in C

Here is a simple example of a hello world program for FastCGI written in C. Before you can compile this, you will need to install the FastCGI devkit. At the time of writing the latest version is available from www.fastcgi.com

extract, compile and install fcgi-current.tar.gz

$ tar xvzf fcgi-current.tar.gz
$ cd  fcgi-2.x.x/
$ ./configure
$ make
$ sudo make install

the c code

#include <fcgi_stdio.h>
int main( int argc, char *argv[] )
{
   while( FCGI_Accept() >= 0 ) {
      printf( "Content-Type: text/plain\n\n" );
      printf( "Hello world in C\n" );
   }
   return 0;
}
Tags: 11
Posted innginx

Change Nginx Version Header

Edit nginx.h [bash] $ vi src/core/nginx.h [/bash] find lines: [text] #define NGINX_VERSION "0.7.64" #define NGINX_VER "nginx/" NGINX_VERSION [/text] Change them as follows: [text] #define NGINX_VERSION "0.7.64" #define NGINX_VER "kutukupret/" NGINX_VERSION [/text] Save and close the file. Now, you can compile the server. Add the following in nginx.conf to turn off…
Tags: , , 3
Posted innginx

Nginx Limit Available Methods

GET and POST are the most common methods on the Internet. Web server methods are defined in RFC 2616. If a web server does not require the implementation of all available methods, they should be disabled. The following will filter and only allow GET, HEAD and POST methods: [xml] ##…
2
Posted inhttps nginx ssl

Nginx SSL/HTTPS

HTTP is a plain text protocol and it is open to passive monitoring. You should use SSL to to encrypt your content for users. Create an SSL Certificate Type the following commands: [bash] $ cd /usr/local/nginx/conf $ openssl genrsa -des3 -out server.key 1024 $ openssl req -new -key server.key -out…
Tags: , , No Comments
Posted innginx

Nginx Image Hotlink Prevention

how to prevent image hotlinking with nginx? this will return 403 error when someone trying to use image directly from oursite. [xml] location ~* (\.jpg|\.png|\.gif|\.jpeg|\.png)$ { valid_referers none blocked www.example.com example.com; if ($invalid_referer) { return 403; } } [/xml] or we can change every images which hotlinked with our custom…
Tags: , No Comments
Posted innginx

Nginx – Customizing 404 page

You can setup a custom error page for every location block in your nginx.conf, or a global error page for the site as a whole. To redirect to a simple 404 not found page for a specific location: [xml] location /my_blog { error_page 404 = /article_not_found.html; } [/xml] A site…
Tags: No Comments
Posted inipv6 nginx

Nginx IPV6

Download nginx rpm SOURCE

http://centos.alt.ru/pub/nginx/0.8/RHEL/SRPMS/nginx-0.8.46-1.el5.src.rpm

Install rpm source

# rpm -Uvh nginx-0.8.46-1.el5.src.rpm

Chnage to rpm spec directory

# cd /path/to/rpm/spec/dir

Edit nginx.spec and add –with-ipv6 at configure section. IE:

./configure \
    --user=%{nginx_user} \
    --group=%{nginx_group} \
    --prefix=%{nginx_datadir} \
    --sbin-path=%{_sbindir}/%{name} \
    --conf-path=%{nginx_confdir}/%{name}.conf \
    --error-log-path=%{nginx_logdir}/error.log \
    --http-log-path=%{nginx_logdir}/access.log \
    --http-client-body-temp-path=%{nginx_home_tmp}/client_body \
    --http-proxy-temp-path=%{nginx_home_tmp}/proxy \
    --http-fastcgi-temp-path=%{nginx_home_tmp}/fastcgi \
    --pid-path=%{_localstatedir}/run/%{name}.pid \
    --lock-path=%{_localstatedir}/lock/subsys/%{name} \
    --with-http_secure_link_module \
    --with-http_random_index_module \
    --with-http_ssl_module \
    --with-http_realip_module \
    --with-http_addition_module \
    --with-http_sub_module \
    --with-http_dav_module \
    --with-http_flv_module \
    --with-http_gzip_static_module \
    --with-http_stub_status_module \
    --with-http_perl_module \
    --with-ipv6 \
    --with-mail \
    --with-mail_ssl_module \
    --with-cc-opt="%{optflags} $(pcre-config --cflags)" \
    --add-module=%{_builddir}/nginx-%{version}/nginx-upstream-fair \
    --add-module=%{_builddir}/nginx-%{version}/nginx-upload-progress-module \
    --add-module=%{_builddir}/nginx-%{version}/mod_zip-1.1.5 \
    --add-module=%{_builddir}/nginx-%{version}/nginx_upload_module-2.0.12 \
    --add-module=%{_builddir}/nginx-%{version}/nginx_mod_h264_streaming-2.2.7
Tags: , 2