Nginx集成流量统计

发表于2023-08-28Zeno Chen

1.安装相关程序

pacman -S libmaxminddb mmdblookup nginx-mod-geoip2 nginx-mod-vts
mmdblookup --file  /usr/share/GeoIP/GeoLite2-City.mmdb --ip 223.104.146.1

2.增加配置

nano -w /etc/nginx/nginx.conf

...
load_module /usr/lib/nginx/modules/ngx_http_cache_purge_module.so;
load_module /usr/lib/nginx/modules/ngx_http_geoip2_module.so;
load_module /usr/lib/nginx/modules/ngx_http_vhost_traffic_status_module.so;
...

...
http {

    ##
    # GeoIP
    ##
    geoip2 /usr/share/GeoIP/GeoLite2-Country.mmdb {
        auto_reload 5m;
        $geoip2_metadata_country_build metadata build_epoch;
        $geoip2_data_country_name default=unknow source=$http_x_forwarded_for country names en;
        $geoip2_data_country_code default=unknow source=$http_x_forwarded_for country iso_code;
    }

    geoip2 /usr/share/GeoIP/GeoLite2-City.mmdb {
        auto_reload 5m;
        # 洲
        $geoip2_continent_code default=unknow source=$http_x_forwarded_for continent code;
        # 国家
        $geoip2_country default=unknow source=$http_x_forwarded_for country names en;
        $geoip2_country_code default=unknow source=$http_x_forwarded_for country iso_code;
        # 省份
        $geoip2_region default=unknow source=$http_x_forwarded_for subdivisions 0 names en;
        $geoip2_region_code default=unknow source=$http_x_forwarded_for subdivisions 0 iso_code;
        # 城市
        $geoip2_city default=unknow source=$http_x_forwarded_for city names en;
        # 邮编
        $geoip2_postal_code default=unknow source=$http_x_forwarded_for postal code;
        # 精度
        $geoip2_latitude default=unknow source=$http_x_forwarded_for location latitude;
        # 纬度
        $geoip2_longitude default=unknow source=$http_x_forwarded_for location longitude;
        # 时区
        $geoip2_timezone default=unknow source=$http_x_forwarded_for location time_zone;
    }

    geoip2 /usr/share/GeoIP/GeoLite2-ASN.mmdb {
        auto_reload 5m;
        $geoip2_asn default=unknow source=$http_x_forwarded_for autonomous_system_number;
        $geoip2_organization default=unknow source=$http_x_forwarded_for autonomous_system_organization;
    }

    # 这里生成允许/拒绝列表
    map $$geoip2_region_code $denied_region {
        default no;
        HB yes;
        JS yes;
    }

    vhost_traffic_status_zone;
    vhost_traffic_status_filter_by_set_key $geoip2_data_country_code country::*;
...

3.配置监控的主机

    vhost_traffic_status_filter_by_set_key $geoip2_data_country_code country::$server_name;

    location /status {
        auth_basic "View The Status";
        auth_basic_user_file /etc/nginx/password;
        vhost_traffic_status_display;
        vhost_traffic_status_display_format html;
    }

4.状态页密码保护

echo "user:" >> /etc/nginx/password
openssl passwd -apr1 >> /etc/nginx/password

关于Zeno Chen

本人涉及的领域较多,杂而不精 程序设计语言: Perl, Java, PHP, Python; 数据库系统: MySQL,Oracle; 偶尔做做电路板的开发,主攻STM32单片机
此条目发表在Linux分类目录。将固定链接加入收藏夹。