对我的文件夹中的 favicon.ico 和资产的无用 GET 请求/static/正在我的 nginx 访问日志中乱七八糟。而且它是一个繁忙的服务器 - 这意味着 I/O 也被浪费了。更不用说我的fail2ban安装有时会做出扭曲的决定!
如何排除这些令人讨厌的日志行?我在 nginx 上1.4.x。
我找到了一种在apache中做到这一点的方法,但在 nginx 中却找不到。
这是我的 nginx 虚拟主机文件:
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=my_cache:10m max_size=100m inactive=6m;
upstream my_server {
server unix:/home/myuser/myfolder/myapp/myapp.sock fail_timeout=0;
}
server {
server_name example.com www.example.com;
listen 80;
return 301 https://example.com$request_uri;
}
server {
server_name www.example.com;
listen 443 ssl;
listen [::]:443 ssl;
. . . SSL related stuff . . .
. . . adding security related headers . . .
return 301 https://example.com$request_uri;
}
server {
server_name example.com;
listen 443 ssl;
listen [::]:443 ssl;
. . . SSL related stuff . . .
. . . adding security related headers . . .
charset utf-8;
underscores_in_headers on;
limit_conn conn_limit_per_ip 10;
limit_req zone=req_limit_per_ip burst=20;
# write error log file for https errors:
error_log /var/log/nginx/https-error_log warn;
location ~* \.(?:ico|css|js|gif|jpg|jpeg|png|svg|woff|ttf|eot)$ {
root /home/myuser/myfolder/myapp;
access_log off;
expires 120d;
add_header Pragma public;
add_header Cache-Control public;
}
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
access_log off;
alias /home/myuser/myfolder/myapp;
}
location /status {
stub_status on;
allow 127.0.0.1;
allow 40.114.247.165;
deny all;
}
location / {
#proxy_pass_request_headers on;
proxy_buffering on;
proxy_buffers 24 4k;
proxy_buffer_size 2k;
proxy_busy_buffers_size 8k;
try_files $uri @https_proxy_to_app;
}
location @https_proxy_to_app {
proxy_set_header X-Forwarded-Proto https;
# additional proxy parameters
include proxy_params;
proxy_redirect off;
proxy_pass http://my_server;
}
# Error pages
error_page 500 502 503 504 /500.html;
location = /500.html {
root /home/myuser/myfolder/myapp/templates/;
}
location = /backflip.png {
root /home/myuser/myfolder/myapp/static/img/;
}
}
在 中nginx.conf,我在块中定义了以下内容http:
log_format compression '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" "$gzip_ratio"';
access_log /var/log/nginx/access.log compression;
这是我在访问日志中看到的内容示例:
192.16.53.127 - - [24/Sep/2017:01:12:24 +0000] "GET /static/emoticons/puke1.png HTTP/1.1" 301 178 "https://example.com/page2/" "service-1460643764266048;Mozilla/5.0 (Linux; Android 6.0; QMobile X32 Power Build/MRA58K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36" "-"
152.195.94.170 - - [24/Sep/2017:01:12:24 +0000] "GET /static/img/favicon-192.png HTTP/1.1" 301 178 "https://example.com/comment/3" "Opera/9.80 (Android; Opera /24.0.2254/69.162; U; en) Presto/2.12.423 Version/12.16" "-"
每个server块都会生成日志,每个location块都会生成日志。您不能只将一个块添加到现有配置中并期望它能够工作,而不考虑它如何与配置中的location所有其他块交互。location了解如何nginx处理更多请求。
解决您的问题的一个简单方法可能是使用全局规则来确定是否应记录请求。
例如,在您的nginx.conf文件中:
log_format compression '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" "$gzip_ratio"';
map $request_uri $loggable {
default 1;
~*\.(ico|css|js|gif|jpg|jpeg|png|svg|woff|ttf|eot)$ 0;
}
access_log /var/log/nginx/access.log compression if=$loggable;
请参阅此文档了解更多信息。