# Nginx常用扫操作

  1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23  set $is_matched 0; if ($http_user_agent ~* "wget") { set $is_matched "${is_matched}1"; } if ($remote_addr ~ "127.0.0.1|172.16.11.10") { set$is_matched "${is_matched}01"; } # 满足条件: # 当 http_user_agent == wget or remote_addr = ip # is_matched 值为 01 001 # 当条件为 http_user_agent == wget and remote_addr = ip # is_matched 值为 0101 if ($is_matched = "01"){ return 403; } 
  1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26  # http map $http_x_forwarded_for$client_real_ip { "" $remote_addr; ~^(?P[0-9\.]+),?.*$ $firstAddr; } set$is_allow 0; # location,server if ( $client_real_ip ~* '^(203)\.(93)\.(97)\.(.*)$' ) { set $is_allow 1; } if ($client_real_ip ~ '172.31.11.111|127.0.0.1'){ set $is_allow 1; } if ($client_real_ip ~* "172\.31\.(25[0-5]|2[0-4]\d|[0-1]\d{2}|[1-9]?\d)\.(25[0-5]|2[0-4]\d|[0-1]\d{2}|[1-9]?\d)" ) { set $is_allow 1; } # and 实现 if ($is_allow = "1" ){ return 200; } return 502; 
 1 2 3 4 5 6 7 8  location /frps/ { proxy_pass http://$host:$server_port/; proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For$proxy_add_x_forwarded_for; proxy_redirect / /frps/; #rewrite ^/frps/(.*)$/$1 break; } 
  1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22   location /owa { alias /pathto/owa; index index.php index.html index.htm; } location ~ /owa/.+.php.*${ if ($fastcgi_script_name ~ /owa/(.+.php.*)$) { set$valid_fastcgi_script_name $1; } fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_connect_timeout 150; fastcgi_read_timeout 150; fastcgi_send_timeout 150; fastcgi_buffer_size 256k; fastcgi_buffers 16 256k; fastcgi_busy_buffers_size 512k; fastcgi_temp_file_write_size 512k; fastcgi_param SCRIPT_FILENAME /pathto/owa/$valid_fastcgi_script_name; #fastcgi_param SCRIPT_FILENAME /pathto/\$fastcgi_script_name; include fastcgi_params; }