一些学习笔记罢了。

--with-http_geoip_module

--user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-http_gzip_static_module --with-http_sub_module --with-stream --with-stream_ssl_module --with-openssl=/root/lnmp1.5/src/openssl-1.0.2o --with-http_geoip_module

Nginx 安装监测

cat auto/options | grep YES

/usr/share/GeoIP/GeoIP.dat

/usr/share/GeoIP/GeoIPv6.dat

Ddos flare 文件路径

# Paths of the script and other files

PROGDIR="/usr/local/ddos"

SBINDIR="/usr/local/sbin"

PROG="$PROGDIR/ddos.sh"

IGNORE_IP_LIST="ignore.ip.list"

IGNORE_HOST_LIST="ignore.host.list"

CRON="/etc/cron.d/ddos"

# Make sure your APF version is atleast 0.96

BANS_IP_LIST="/var/lib/ddos/bans.list"

BANS_BW_IP_LIST="/var/lib/ddos/bans.bw.list"

BANS_CLOUDFLARE_IP_LIST="/var/lib/ddos/bans.cf.list"

CLOUDFLARE_PCAP="/var/lib/ddos/tcpdump.pcap"

SERVER_IP_LIST=

--

判断语句及执行

ps -ef | grep ddos |grep -v grep > /dev/null  
if [ $? != 0 ];then
      /usr/local/sbin/ddos -d > /dev/nullf
      fi

--

DDOS flare路径复述

/usr/local/sbin/ddos

ANS_IP_LIST="/var/lib/ddos/bans.list" 被ban掉ip裂变
BANS_BW_IP_LIST="/var/lib/ddos/bans.bw.list" 同
BANS_CLOUDFLARE_IP_LIST="/var/lib/ddos/bans.cf.list"
CLOUDFLARE_PCAP="/var/lib/ddos/tcpdump.pcap"
SERVER_IP_LIST=$(ifconfig |

BANS_IP_LIST="/var/lib/ddos/bans.list"

BANS_BW_IP_LIST="/var/lib/ddos/bans.bw.list"

BANS_CLOUDFLARE_IP_LIST="/var/lib/ddos/bans.cf.list"

CLOUDFLARE_PCAP="/var/lib/ddos/tcpdump.pcap"
SERVER_IP_LIST=$(ifconfig | \

Nginx安装ngx_lua_waf模块


/usr/local/src/lua-nginx-module-0.10.15```

## Beta1

./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-http_gzip_static_module --with-http_sub_module --with-stream --with-stream_ssl_module --with-openssl=/root/lnmp1.5/src/openssl-1.0.2o --with-http_geoip_module --with-ld-opt='-Wl,-rpath,/usr/local/luajit/lib' --with-http_gunzip_module  --add-module=/usr/local/src/ngx_devel_kit-0.3.1rc1 --add-module=/usr/local/src/lua-nginx-module-0.10.15



## Beta2 05.19

./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-http_gzip_static_module --with-http_sub_module --with-stream --with-stream_ssl_module --with-openssl=/root/lnmp1.5/src/openssl-1.0.2o --with-http_geoip_module --with-ld-opt='-Wl,-rpath,/usr/local/luajit/lib' --with-mail_ssl_module --with-stream_ssl_module --with-http_auth_request_module --with-stream_realip_module --with-stream_geoip_module  --with-google_perftools_module --add-module=/usr/local/src/ngx_devel_kit-0.3.1rc1 --add-module=/usr/local/src/lua-nginx-module-0.10.15 



## 官方解释

--prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' --add-module=/usr/local/src/ngx_devel_kit-0.3.0 --add-module=/usr/local/src/lua-nginx-module-0.10.11 --with-ld-opt='-Wl,-rpath,/usr/local/luajit/lib'

命令行

netstat -an | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n 查看后台连接情况
nohup ${python_ver} server.py m>> /home/ipConect.log 2>&1 &
nohup netstat -an | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n>> /home/ipConect.log 2>&1 &

查看软件运行状态 并看pid

ps -ef | grep nginx |grep -v grep

ddos 其他说明档案

/etc/logrotate.d/ddos
./etc/init.d/ddos
./etc/ddos
./var/lib/ddos
./usr/local/sbin/ddos
./usr/local/ddos

#自由意志

#502 error pages 设置开始

` error_page 500 502 503 504 /50x.html;

​ location = /50x.html {

​ }

​ #502 error pages 设置结束

判断命令


if [ $? != 0 ];then

​       lnmp nginx restart > /dev/nullf


​       fi

1diyic ./configure

nginx binary file: "/usr/local/nginx/sbin/nginx"
nginx modules path: "/usr/local/nginx/modules"
nginx configuration prefix: "/usr/local/nginx/conf"
nginx configuration file: "/usr/local/nginx/conf/nginx.conf"
nginx pid file: "/usr/local/nginx/logs/nginx.pid"
nginx error log file: "/usr/local/nginx/logs/error.log"
nginx http access log file: "/usr/local/nginx/logs/access.log"
nginx http client request body temporary files: "client_body_temp"
nginx http proxy temporary files: "proxy_temp"
nginx http fastcgi temporary files: "fastcgi_temp"
nginx http uwsgi temporary files: "uwsgi_temp"
nginx http scgi temporary files: "scgi_temp"

2dierci

nginx path prefix: "/usr/local/nginx"

  nginx binary file: "/usr/local/nginx/sbin/nginx"

  nginx modules path: "/usr/local/nginx/modules"

  nginx configuration prefix: "/usr/local/nginx/conf"

  nginx configuration file: "/usr/local/nginx/conf/nginx.conf"

  nginx pid file: "/usr/local/nginx/logs/nginx.pid"

  nginx error log file: "/usr/local/nginx/logs/error.log"

  nginx http access log file: "/usr/local/nginx/logs/access.log"

  nginx http client request body temporary files: "client_body_temp"

  nginx http proxy temporary files: "proxy_temp"

  nginx http fastcgi temporary files: "fastcgi_temp"

  nginx http uwsgi temporary files: "uwsgi_temp"

  nginx http scgi temporary files: "scgi_temp"
  /usr/local/nginx



lua_package_path "/usr/local/nginx/waf/?.lua";

lua_shared_dict limit 10m;

init_by_lua_file /usr/local/nginx/waf/init.lua;

access_by_lua_file /usr/local/nginx/waf/waf.lua;
--prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' --add-module=/usr/local/src/ngx_devel_kit-0.3.0 --add-module=/usr/local/src/lua-nginx-module-0.10.11 --with-ld-opt='-Wl,-rpath,/usr/local/luajit/lib'
最后修改:2019 年 08 月 03 日 11 : 40 PM