今天就带大家来一起重新复习一下这方面的知识点。
验证Nginx日志切割
创建nginx管理账户
[root@centos01 ~]# useradd -M -s /sbin/nologin nginx
拓扑
挂载Centos7系统光盘
[root@centos01 ~]# mount /dev/cdrom /mnt/
前几天,有个读者向我吐槽,找了很久的工作,好不容易熬到到了二面。谁知道没有准备充分,被一道题给直接挂掉了。
挂载centos7系统光盘安装DNS
[root@centos03 ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 写保护,将以只读方式挂载
[root@centos03 ~]# ls /mnt/
CentOS_BuildTag EULA images LiveOS repodata RPM-GPG-KEY-CentOS-Testing-7
EFI GPL isolinux Packages RPM-GPG-KEY-CentOS-7 TRANS.TBL
root@centos03 ~]# rpm -ivh /mnt/Packages/bind-9.9.4-50.el7.x86_64.rpm
[root@centos03 ~]# rpm -ivh /mnt/Packages/bind-chroot-9.9.4-50.el7.x86_64.rpm
配置DNS区域配置文件第一台服务器
[root@centos03 ~]# vim /var/named/h.com.zone
$TTL 86400
@ SOA h.com. root.h.com. (
2023021015
1H
15M
1W
1D
)
@ NS centos03.h.com.
centos03 A 192.168.100.30
www A 192.168.100.10
[root@centos03 ~]# named-checkzone h.com /var/named/h.com.zone
zone h.com/IN: loaded serial 2023021015
OK
centos03配置DNS重启网卡服务
[root@centos03 ~]# vim /通达信API接口调用,etc/sysconfig/network-scripts/ifcfg-ens32
[root@centos03 ~]# cat /通达信API接口调用,etc/sysconfig/network-scripts/ifcfg-ens32
TYPE=Ethernet
BOOTPROTO=static
NAME=ens32
DEVICE=ens32
ONBOOT=yes
IPADDR=192.168.100.30
NATMACK=255.255.255.0
DNS1=192.168.100.30
[root@centos03 ~]# systemctl restart network
[root@centos03 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.100.30
配置DNS主配置文件
[root@centos03 ~]# echo "" > /etc/named.conf
[root@centos03 ~]# vim /etc/named.conf
options {
listen-on port 53 { any; };
directory "/var/named/";
};
zone "h.com" IN {
type master;
file "/var/named/h.com.zone";
};
zone "hy.com" IN {
type master;
file "/var/named/hy.com.zone";
};
设置开机自启设置网站主页
centos02配置DNS重启网卡服务
[root@centos02 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens32
[root@centos02 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens32
TYPE=Ethernet
BOOTPROTO=static
NAME=ens32
DEVICE=ens32
ONBOOT=yes
IPADDR=192.168.100.20
NATMACK=255.255.255.0
DNS1=192.168.100.30
[root@centos02 ~]# systemctl restart network
[root@centos02 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.100.30
互联网/程序员/技术/资料共享
传输nginx11文件
[root@centos01 ~]# rz
z waiting to receive.**B0100000023be50
验证隐藏版本
注:本文提到的网址仅不是实际存在的网站,仅作为技术学习举例之用。
程序员的成长之路
修改Nginx数据包请求头部
[root@centos01 ~]# vim/usr/src/nginx-1.16.1/src/http/ngx_http_header_filter_module.c
49 static u_char ngx_http_server_string[] = "Server: IIS" CRLF;li
验证网页缓存
安装依赖文件
[root@centos01 ~]# yum -y install pcre-devel zlib-devel
mount:/dev/sr0写保护,将以只读方式挂载
配置第二台DNS区域配置文件
[root@centos03 ~]# vim /var/named/hy.com.zone
$TTL 86400
@ SOA hy.com. root.hy.com. (
2023021015
1H
15M
1W
1D
)
@ NS centos03.hy.com.
centos03 A 192.168.100.30
www A 192.168.100.20
[root@centos03 ~]# named-checkzone hy.com /var/named/hy.com.zone
zone hy.com/IN: loaded serial 2023021015
OK
配置Nginx
配置DNS
解压nginx配置文件
[root@centos01 ~]# yum -y install pcre-devel zlib-devel
推荐步骤
验证防盗链
启动DNS服务监听端口
[root@centos03 ~]# systemctl stop named
[root@centos03 ~]# systemctl start named
[root@centos03 ~]# netstat -anptu | grep named
tcp 0 0 192.168.100.30:53 0.0.0.0:* LISTEN 2430/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 2430/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 2430/named
tcp6 0 0 ::1:953 :::* LISTEN 2430/named
udp 0 0 192.168.122.1:53 0.0.0.0:* 2430/named
udp 0 0 192.168.100.30:53 0.0.0.0:* 2430/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 2430/named
修改源代码程序
[root@centos01 ~]# vim /usr/src/nginx-1.16.1/src/core/nginx.h
13 #define NGINX_VERSION "7.0"
14 #define NGINX_VER "IIS/" NGINX_VERSION
22 #define NGINX_VAR "IIS"
挂centos7系统光盘yum安装apache
这道题就是:Nginx的优化思路有哪些?网站的防盗链如何做?实际工作中有哪些类似的安全经验?结果支支吾吾半天没讲到重点,结果就可想而知了。。。
centos01配置DNS,重启网卡服务
[root@centos01 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens32
[root@centos01 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens32
TYPE=Ethernet
BOOTPROTO=static
NAME=ens32
DEVICE=ens32
ONBOOT=yes
IPADDR=192.168.100.10
NATMACK=255.255.255.0
DNS1=192.168.100.30
[root@centos01 ~]# systemctl restart network
[root@centos01 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.100.30
文章为作者独立观点,不代表股票交易接口观点