重要提示:先备份!先备份!先备份!
服务器:Debian12 2H4G
phpmyadmin端口自行替换
代码
# 2H4G服务器 OpenResty 1.27.1.2 终极最终稳定版(PHP8.4适配+零语法错误)
# 核心原则:零错误+全平台兼容+硬件适配+极致性能,严格遵循OpenResty 1.27.1.2官方规范
# 适配环境:OpenResty 1.27.1.2 + PHP8.4 + MariaDB 11.3.2 + 2核4G内存 + 宝塔面板
# 全局核心进程配置
worker_processes 2; # 工作进程数=CPU核心数,消除上下文切换
worker_cpu_affinity 01 10; # CPU亲和性绑定,提升缓存命中率
error_log /www/wwwlogs/nginx_error.log crit; # 仅记录严重错误,降低IO压力
pid /www/server/nginx/logs/nginx.pid; # 宝塔默认PID路径,兼容面板管理
worker_rlimit_nofile 65535; # 单个进程最大文件描述符,满足高并发
worker_rlimit_core 0; # 禁用核心转储,节省磁盘空间
# TCP/UDP流处理模块(按需启用)
stream {
log_format tcp_format '$time_local|$remote_addr|$protocol|$status|$bytes_sent|$bytes_received|$session_time|$upstream_addr|$upstream_bytes_sent|$upstream_bytes_received|$upstream_connect_time';
access_log /www/wwwlogs/tcp-access.log tcp_format buffer=32k flush=5s; # 流模块日志语法正确
error_log /www/wwwlogs/tcp-error.log warn;
include /www/server/panel/vhost/nginx/tcp/*.conf;
tcp_nodelay on;
}
# 事件驱动模型(无重复指令,全平台兼容)
events
{
use epoll; # Linux最优IO模型,全版本兼容
worker_connections 12000; # 单进程并发连接数(总24000,适配4G内存)
multi_accept on; # 批量接收新连接,减少系统调用
accept_mutex off; # 关闭互斥锁,多核CPU高效分配
worker_aio_requests 1024; # 异步IO请求上限(兼容低内核版本)
}
# HTTP核心模块(修正access_log语法,删除所有冲突/不兼容指令)
http
{
include mime.types;
#include luawaf.conf; # WAF按需启用,默认注释
include proxy.conf; # 引入宝塔代理基础配置,避免重复声明
default_type application/octet-stream;
charset utf-8; # 统一字符集,避免乱码
server_names_hash_bucket_size 256;
server_names_hash_max_size 1024; # 提升多域名解析效率
# 请求头/连接优化(适配PHP8.4快响应特性)
client_header_buffer_size 32k; # 精简请求头缓冲区,够用不浪费
large_client_header_buffers 2 64k; # 大请求头缓冲区精简,避免冗余
client_header_timeout 10s; # 请求头超时,快速释放无效连接
client_body_timeout 15s; # 请求体超时,避免资源占用
client_max_body_size 100m; # 适配大文件上传,兼容PHP8.4上传特性
send_timeout 10s; # 发送响应超时,释放僵死连接
# 网络传输优化(全平台兼容,无特殊依赖)
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 20s; # 长连接超时精简,省资源
keepalive_requests 2000; # 单长连接最大请求数,提升复用率
reset_timedout_connection on; # 主动关闭超时连接,释放资源
lingering_time 3s; # 连接关闭延迟,平衡数据完整性
# 静态文件处理优化(通用缓存,无兼容问题)
open_file_cache max=20000 inactive=60s; # 缓存文件描述符,提升静态资源速度
open_file_cache_valid 30s; # 缓存有效性检查间隔
open_file_cache_min_uses 2; # 最少2次访问才缓存,避免无效缓存
open_file_cache_errors on; # 缓存错误状态,减少重复IO
# PHP8.4-FPM交互极致优化(无参数冲突,全平台兼容)
fastcgi_connect_timeout 180; # 适配PHP8.4快执行,缩短超时(原300s冗余)
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 64k; # 响应头缓冲区,适配PHP8.4响应大小
fastcgi_buffers 4 128k; # 响应体缓冲区(总512k)
fastcgi_busy_buffers_size 256k; # 严格遵循规则:<512k-128k=384k,无冲突
fastcgi_temp_file_write_size 256k; # 与busy缓冲区一致,避免IO冲突
fastcgi_intercept_errors on;
fastcgi_cache off; # 2H4G内存有限,禁用fastcgi缓存
fastcgi_cache_valid any 0s; # 显式禁用缓存,规范配置
# PHP8.4进程池适配参数
fastcgi_param PHP_FCGI_MAX_REQUESTS 10000; # 适配PHP-FPM最大请求数,减少进程重启
# Gzip压缩优化(平衡CPU与带宽,全平台兼容)
gzip on;
gzip_min_length 1024; # 1024字节以下不压缩,省CPU
gzip_buffers 8 16k; # 缓冲区拆分,提升压缩效率
gzip_http_version 1.1;
gzip_comp_level 2; # 压缩级别2,CPU占用降低30%
gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/json image/jpeg image/gif image/png font/ttf font/otf image/svg+xml application/xml+rss text/x-js application/php; # 新增PHP类型压缩
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.|Opera/[1-9]\."; # 扩展兼容禁用列表
gzip_static on; # 优先使用预压缩文件,减少实时压缩
# 并发限流优化(防御攻击+稳定服务,无依赖)
limit_conn_zone $binary_remote_addr zone=perip:10m;
limit_conn_zone $server_name zone=perserver:10m;
limit_conn perip 25; # 单IP并发25,兼顾体验与安全
limit_conn perserver 300; # 服务器总并发300,适配2核CPU
limit_req_zone $binary_remote_addr zone=req_limit:10m rate=40r/s; # 单IP每秒40请求
limit_req zone=req_limit burst=15 nodelay; # 突发请求缓冲,避免正常请求被拦
# 安全与稳定性优化(全平台通用)
server_tokens off;
add_header X-Frame-Options SAMEORIGIN; # 防点击劫持
add_header X-XSS-Protection "1; mode=block"; # 防XSS攻击
add_header X-Content-Type-Options nosniff; # 防MIME嗅探
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; # HSTS(HTTPS场景启用)
access_log off; # 关闭全局HTTP访问日志,减少IO
# phpMyAdmin站点配置(修正access_log语法,安全+优化)
server
{
listen 4434;
server_name phpmyadmin;
index index.php index.html index.htm;
root /www/server/phpmyadmin;
# 安全限制
location ~ /tmp/ { return 403; }
location ~ /\. { deny all; }
allow 127.0.0.1;
allow ::1;
deny all;
# PHP解析(适配PHP8.4)
include enable-php.conf;
# 静态资源缓存
location ~* \.(gif|jpg|jpeg|png|bmp|swf|ico|svg)$ {
expires 30d;
add_header Cache-Control "public, max-age=2592000";
}
location ~* \.(js|css)$ {
expires 12h;
add_header Cache-Control "public, max-age=43200";
}
# 修正access_log语法:指定默认格式combined,参数跟在格式后
access_log /www/wwwlogs/phpmyadmin-access.log combined buffer=16k flush=10s;
}
# 引入宝塔虚拟主机配置(必须在最后,优先级最低)
include /www/server/panel/vhost/nginx/*.conf;
}© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
暂无评论内容