Implementation of Nginx forwarding matching rules
- 2020-05-24 06:49:22
- OfStack
1. Regular expression matching
~ matches for case sensitivity ~* is case insensitive ! ~ and! ~* are case sensitive mismatches and case insensitive mismatches, respectively2. File and directory matching
- f and! -f is used to determine if a file exists - d and! -d is used to determine if a directory exists - e and! -e is used to determine if a file or directory exists - x and! -x is used to determine whether a file is executable3. The last parameter of rewrite instruction is marked with flag, and is marked with flag
last is equivalent to the [L] tag in apache, which means rewrite. After the rule matching of break is completed, the match is terminated and the subsequent rule is no longer matched. redirect returns a 302 temporary redirect, and the browser address displays the URL address after the jump. permanent returns a 301 permanent redirect, and the browser address displays the URL address after the jump.
URI was rewritten using last and break, leaving the browser address bar unchanged.
Also, there is a slight difference between the two. The alias directive must be marked with last. When using the proxy_pass directive, you need to use the break flag. The Last flag, upon completion of this rewrite rule, will be applied to the server{... The} tag re-initiates the request, and the break tag terminates the match after this rule match is completed.
If we will be similar
URL/photo/123456
Redirected to
/path/to/photo/12/1234/123456.png
rewrite "/photo/([0-9]{2})([0-9]{2})([0-9]{2})"
rewrite "/path/to/photo/$1/$1$2/$1$2$3.png" ;
4. Instructions related to NginxRewrite rules
1. break instruction
Environment: server, location, if
This directive completes the current rule set and no longer processes the rewrite directive.
2. if instruction
Environment: server, location
This directive is used to check whether a condition is met and, if so, to execute the statement in curly braces. The If directive does not support nesting and does not support multiple conditions
&
&
And |, |.
3. return instruction
Grammar: returncode
Environment: server, location, if
This instruction is used to terminate the execution of the rule and return a status code to the client.
Example: if the accessed URL ends in ".sh "or".bash ", a 403 status code is returned
location ~ .*\.(sh|bash)?$
{
return 403;
}
4. rewrite instruction
Grammar:
rewriteregex replacement flag
Environment: server, location, if
This directive redirects URI based on an expression, or modifies a string. The instructions are executed according to the order in the configuration file. Note that the rewrite expression is only valid for relative paths. If you want to match the hostname, you should use the if statement, as shown below:
if( $host ~* www\.(.*) )
{
set $host_without_www $1;
rewrite ^(.*)$ http://$host_without_www$1permanent;
}
5. Set instruction
Grammar: setvariable value;
Default: none
Environment: server, location, if
This directive is used to define a variable and assign a value to it. The value of a variable can be a combination of text, variables, and text variables.
set$varname "hello world";
6, Uninitialized_variable_warn instruction
Grammar: uninitialized_variable_warnon | off
Environment: http, server, location, if
This directive is used to turn on and off warnings for uninitialized variables, with the default value being on.
5. Example of Rewrite rule writing for Nginx
1. Redirect to an html file when the accessed file or directory does not exist
if( !-e $request_filename )
{
rewrite ^/(.*)$ index.htmllast;
}
2. Directory swap /123456/xxxx ====
>
/xxxx?id=123456
rewrite ^/(\d+)/(.+)/ /$2?id=$1 last;3. If the client is using the IE browser, redirect to the /ie directory
if( $http_user_agent ~ MSIE)
{
rewrite ^(.*)$ /ie/$1 break;
}
4. Multiple directories are not allowed to be accessed
location ~ ^/(cron|templates)/
{
deny all;
break;
}
5. Disallow access to files starting with /data
location ~ ^/data
{
deny all;
}
6, blocking access to. sh. flv,. mp3 file suffix
location ~ .*\.(sh|flv|mp3)$
{
return 403;
}
7. Set the browser cache time for certain types of files
location ~ .*\.(sh|bash)?$
{
return 403;
}
8. Set expiration times for favicon.ico and robots.txt
This is favicon.ico for 99 days, robots.txt for 7 days and does not log 404 errors
location ~(favicon.ico) {
log_not_found off;
expires 99d;
break;
}
location ~(robots.txt) {
log_not_found off;
expires 7d;
break;
}
9. Set the expiration time of a file; This is 600 seconds and no access logs are logged
location ^~ /html/scripts/loadhead_1.js {
access_log off;
root /opt/lampp/htdocs/web;
expires 600;
break;
}
10. File anti-hotlinking and set the expiration time
Here, return412 is a custom http status code, which defaults to 403, so as to find out the correct hotlinking request
location ~ .*\.(sh|bash)?$
{
return 403;
}
11. Only fixed ip is allowed to visit the website, with password
location ~ .*\.(sh|bash)?$
{
return 403;
}
12. Convert the files in the multi-level directory into one file to enhance the effect of seo
/job-123-456-789.html
Point to the
/job/123/456/789.html
location ~ .*\.(sh|bash)?$
{
return 403;
}
13. Redirection when files and directories do not exist:
location ~ .*\.(sh|bash)?$
{
return 403;
}
14. Point a folder in the root directory to a level 2 directory
Such as
/shanghaijob/
Point to the
/area/shanghai/
If you change last to permanent, the browser address bar will appear to be
/location/shanghai/
rewrite ^/([0-9a-z]+)job/(.*)$ /area/$1/$2last;
One problem with the above example is that it will not match when accessing /shanghai
rewrite ^/([0-9a-z]+)job$ /area/$1/ last;
rewrite ^/([0-9a-z]+)job/(.*)$ /area/$1/$2last;
such
/shanghai
It's also accessible, but the relative links in the page are not available,
Such as
./list_1.html
The real address is
/path/to/photo/12/1234/123456.png0
Will become
/list_1.html
, leading to unreachable.
Then I can't add automatic jump
(-d $request_filename)
It has a condition that is required for the real directory, and my rewrite is not, so it has no effect
location ~ .*\.(sh|bash)?$
{
return 403;
}
It's easy to do when you know why. Let me jump manually
rewrite ^/([0-9a-z]+)job$ /$1job/permanent;
rewrite ^/([0-9a-z]+)job/(.*)$ /area/$1/$2last;
15, domain name jump
server{
listen 80;
server_name jump.linuxidc.com;
index index.html index.htm index.php;
root /opt/lampp/htdocs/www;
rewrite ^/ http://www.linuxidc.com/;
access_log off;
}16. Multiple domain name switching
server_name www.linuxidc.comwww.linuxidc.net;
index index.html index.htm index.php;
root /opt/lampp/htdocs;
if ($host ~ "linuxidc\.net") {
rewrite ^(.*) http://www.linuxidc.com$1permanent;
}
6. nginx global variable
arg_PARAMETER # This variable contains GET If there are variables in the request PARAMETER When the value of the.
args # This variable is equal to the request line (GET request ) , such as: foo=123&bar=blahblah;
binary_remote_addr #2 Base client address.
body_bytes_sent # Sent in response body Number of bytes. This data is accurate even if the connection is broken.
content_length # In the request header Content-length Field.
content_type # In the request header Content-Type Field.
cookie_COOKIE #cookie COOKIE The value of the variable
document_root # Current request in root A value specified in an instruction.
document_uri # with uri The same.
host # Request the host header field, otherwise the server name.
hostname #Set to themachine's hostname as returned by gethostname
http_HEADER
is_args # If you have args Parameter, this variable is equal to" ? ", otherwise equal to" " , a null value.
http_user_agent # The client agent information
http_cookie # The client cookie information
limit_rate # This variable can limit the connection rate.
query_string # with args The same.
request_body_file # The client requests the temporary file name of the principal information.
request_method # The action requested by the client, usually GET or POST .
remote_addr # The client's IP Address.
remote_port # Client port.
remote_user # Have already been Auth Basic Module The authenticated user name.
request_completion # If the request ends, set to OK. When the request does not end or if the request is not at the end of the request chain 1 Hour is null (Empty) .
request_method #GET or POST
request_filename # The current requested file path, by root or alias Command and URI Request generation.
request_uri # Contains the original of the request parameter URI , without the host name, as in:" /foo/bar.php?arg=baz ". It cannot be modified.
scheme #HTTP Methods (such as: http . https ).
server_protocol # Request to use the protocol, usually HTTP/1.0 or HTTP/1.1 .
server_addr # Server address at completion 1 This value can be determined after the next system call.
server_name # Server name.
server_port # The port number at which the request arrives at the server. 7. Correspondence between Apache and Nginx rules
RewriteCond of Apache corresponds to if of Nginx
RewriteRule of Apache corresponds to rewrite of Nginx
The [R] of Apache corresponds to the redirect of Nginx
The [P] of Apache corresponds to the last of Nginx
The [R,L] of Apache corresponds to the redirect of Nginx
[P,L] of Apache corresponds to last of Nginx
The [PT,L] of Apache corresponds to last of Nginx
For example, allow the specified domain name to visit this site, other domain name 1 law to www.ofstack.com
Apache:
RewriteCond %{HTTP_HOST} !^(.*?)\.aaa\.com$[NC]
RewriteCond %{HTTP_HOST} !^localhost$
RewriteCond %{HTTP_HOST}!^192\.168\.0\.(.*?)$
RewriteRule ^/(.*)$ //www.ofstack.com[R,L]
Example of Nginx filtering:
if( $host ~* ^(.*)\.aaa\.com$ )
{
set $allowHost ' 1';
}
if( $host ~* ^localhost )
{
set $allowHost ' 1';
}
if( $host ~* ^192\.168\.1\.(.*?)$ )
{
set $allowHost ' 1';
}
if( $allowHost !~ ' 1' )
{
rewrite ^/(.*)$ //www.ofstack.comredirect ;
}
conclusion
Back-end development is a career that is closest to the full stack. The front-end is not enough to write the page JS at the top of the back-end, and it does not matter to maintain the server at the back end if there is no operation and maintenance. In a word, a good back-end can cover all aspects.