检测nginx允许打开文件数量:
```for pid in `ps aux |grep nginx |grep -v grep|awk '{print $2}'`; do cat /proc/${pid}/limits |grep 'Max open files'; done```
释放linux内存中的缓存,一般不需要这么做:
```echo 1 > /proc/sys/vm/drop_caches
echo 3 > /proc/sys/vm/drop_caches```
检测nginx是否502,是的话就重启nginx,可加入crontab定时检测。
```#!/bin/bash
CheckURL="http://www.yoursite.com"
STATUS_CODE=`curl -o /dev/null -m 10 --connect-timeout 10 -s -w %{http_code} $CheckURL`
#echo "$CheckURL Status Code:\t$STATUS_CODE"
if [ "$STATUS_CODE" = "502" ]; then
/etc/init.d/php-fpm restart
fi```
自动压缩网站目录下的js和css的脚本,可以用来配合nginx启用gzip_static,运行方式,把脚本保存为gzip.sh,然后运行
```gzip.sh /path/网站目录```
下面是脚本:
```#!/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
ScriptName=${0##*/}
function print_usage() {
echo "Please Use $ScriptName <directory>."
}
## Check the number of arguments.
if [ $# -ne 1 ]; then
print_usage
exit 1
fi
## $1 - the static file directory.
function gzip_static_files() {
filelist=`find $1 -maxdepth 88 \( -name "*.css" -o -name "*.js" -o -name "*.html" \) -type f`
for file in $filelist
do
gzip -5 -f -c $file > $file.gz
done
}
# gzip_static_files
gzip_static_files $1
exit 0```
csf配合nginx防cc,单ip超过100个连接直接加入nginx黑名单,并添加到防火墙黑名单。
```#!/bin/bash
#Collecting list of ip addresses connected to port 80
#netstat -plan|grep :80|grep ESTABLISHED|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1 > /root/iplist
netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1 > /root/iplist
#Limit the no of connections
LIMIT=100;
for ip in `cat /root/iplist |awk '{print $2}'`;do
if [ `grep $ip /root/iplist | awk '{print $1}'` -gt $LIMIT ]
then
echo "100 connection from $ip... `grep $ip /root/iplist | awk '{print $1}'` number of connections... Blocking $ip";
#Blocking the ip ...
CHECK_IF_LOCALIP=0;
/sbin/ifconfig | grep $ip > /dev/null;
if [ $? -ne $CHECK_IF_LOCALIP ]
then {
FLAG=0;
grep $ip /etc/csf/csf.deny > /dev/null;
if [ $? -ne $FLAG ]
then
iptables -I INPUT -s $ip -j DROP;
/usr/sbin/csf -d $ip;
else
echo " Ipaddress $ip is already blocked ";
fi
}
else
echo " Sorry, the ip $ip cannot be blocked since this is a local ip of the server ";
fi
fi
done```