nginx – Page 3 – KutuKupret colorful website

Nginx, limit website visitor bandwidth by country

First grab this perl script which you will use to convert Maxmind’s geo IP database into a format usable by Nginx. make it executable Then download Maxmind’s latest GeoLite country database in CSV format. Unzip it, and run perl script Copy nginxGeo.txt into your nginx config directory. Then add the…

admin September 16, 2010bandwidth, nginx2

https nginx

Nginx, redirecting all request to https

In normal https configuration just add rewrite directive like this:

admin September 16, 2010https, nginx, redirectNo Comments

nginx tls

Nginx enabling TLS SNI support on centos 5

By default centos 5.x has openssl-0.9.8e which is not have tls extention for sni support. this is workaround on how to get nginx 0.8.48 rpm with TLS SNI enabled

Step 1:

download openssl source, example openssl-0.9.8l. extract it in /usr/src

$ cd /usr/src
$ wget http://www.openssl.org/source/openssl-0.9.8l.tar.gz
$ tar xvzf openssl-0.9.8l.tar.gz

Step 2:

Download nginx rpm source, example nginx-0.8.49-1.el5.src.rpm

$ wget http://centos.alt.ru/pub/nginx/0.8/RHEL/SRPMS/nginx-0.8.49-1.el5.src.rpm
$ rpm -Uvh nginx-0.8.49-1.el5.src.rpm

Move to directory where the spec file is in and edit nginx.spec

$ cd /path/to/rpm/SPECS/
$ vi nginx.spec

admin August 30, 2010nginx, tls, tls sniNo Comments

nginx

Change Nginx Version Header

Edit nginx.h [bash] $ vi src/core/nginx.h [/bash] find lines: [text] #define NGINX_VERSION "0.7.64" #define NGINX_VER "nginx/" NGINX_VERSION [/text] Change them as follows: [text] #define NGINX_VERSION "0.7.64" #define NGINX_VER "kutukupret/" NGINX_VERSION [/text] Save and close the file. Now, you can compile the server. Add the following in nginx.conf to turn off…

admin August 19, 2010header, nginx, version3

https nginx ssl

Nginx SSL/HTTPS

HTTP is a plain text protocol and it is open to passive monitoring. You should use SSL to to encrypt your content for users. Create an SSL Certificate Type the following commands: [bash] $ cd /usr/local/nginx/conf $ openssl genrsa -des3 -out server.key 1024 $ openssl req -new -key server.key -out…

admin August 19, 2010https, nginx, sslNo Comments

nginx

Nginx Image Hotlink Prevention

how to prevent image hotlinking with nginx? this will return 403 error when someone trying to use image directly from oursite. [xml] location ~* (\.jpg|\.png|\.gif|\.jpeg|\.png)$ { valid_referers none blocked www.example.com example.com; if ($invalid_referer) { return 403; } } [/xml] or we can change every images which hotlinked with our custom…

admin August 18, 2010hotlink, nginxNo Comments

nginx

Nginx – Customizing 404 page

You can setup a custom error page for every location block in your nginx.conf, or a global error page for the site as a whole. To redirect to a simple 404 not found page for a specific location: [xml] location /my_blog { error_page 404 = /article_not_found.html; } [/xml] A site…

admin August 16, 2010nginxNo Comments

ipv6 nginx

Nginx IPV6

Download nginx rpm SOURCE

http://centos.alt.ru/pub/nginx/0.8/RHEL/SRPMS/nginx-0.8.46-1.el5.src.rpm

Install rpm source

# rpm -Uvh nginx-0.8.46-1.el5.src.rpm

Chnage to rpm spec directory

# cd /path/to/rpm/spec/dir

Edit nginx.spec and add –with-ipv6 at configure section. IE:

./configure \
    --user=%{nginx_user} \
    --group=%{nginx_group} \
    --prefix=%{nginx_datadir} \
    --sbin-path=%{_sbindir}/%{name} \
    --conf-path=%{nginx_confdir}/%{name}.conf \
    --error-log-path=%{nginx_logdir}/error.log \
    --http-log-path=%{nginx_logdir}/access.log \
    --http-client-body-temp-path=%{nginx_home_tmp}/client_body \
    --http-proxy-temp-path=%{nginx_home_tmp}/proxy \
    --http-fastcgi-temp-path=%{nginx_home_tmp}/fastcgi \
    --pid-path=%{_localstatedir}/run/%{name}.pid \
    --lock-path=%{_localstatedir}/lock/subsys/%{name} \
    --with-http_secure_link_module \
    --with-http_random_index_module \
    --with-http_ssl_module \
    --with-http_realip_module \
    --with-http_addition_module \
    --with-http_sub_module \
    --with-http_dav_module \
    --with-http_flv_module \
    --with-http_gzip_static_module \
    --with-http_stub_status_module \
    --with-http_perl_module \
    --with-ipv6 \
    --with-mail \
    --with-mail_ssl_module \
    --with-cc-opt="%{optflags} $(pcre-config --cflags)" \
    --add-module=%{_builddir}/nginx-%{version}/nginx-upstream-fair \
    --add-module=%{_builddir}/nginx-%{version}/nginx-upload-progress-module \
    --add-module=%{_builddir}/nginx-%{version}/mod_zip-1.1.5 \
    --add-module=%{_builddir}/nginx-%{version}/nginx_upload_module-2.0.12 \
    --add-module=%{_builddir}/nginx-%{version}/nginx_mod_h264_streaming-2.2.7

admin July 22, 2010ipv6, nginx2