nginx rewrite Regular expression matching
Case matching
~ for case-sensitive matching
~* for case-insensitive matching
!~ and !~* for case-sensitive mismatch and case-insensitive mismatch
file and directory matching
-f and !-f is used to judge whether a file exists
-d and !-d are used to judge whether a directory exists
-e and !-e are used to judge whether a file or directory exists
-x and !-x are used to judge whether the file is executable
flag
last is equivalent to the [L] tag in Apache, indicating that the rewrite
break is completed to terminate the matching, and the following rules are no longer matched.
redirect Returns a 302 temporary redirect and the address bar will display the redirected address.
permanent Returns 301 permanent redirect and the address bar will display the redirected address.
Several use cases for logging:
1) location / { }: matches any query since all requests start with /. But the regex rules will be preferentially matched against the query.
2) location =/ {}: only matches /
3) location ~* \.(gif|jpg|jpeg)$
{
rewrite \.(gif|jpg)$ /logo.png;
}: location is case-insensitive, matches Any file ending in gif, jpg, jpeg.
Several examples:
multi-directory conversion parameter
requirements: abc.domian.com/sort/2 => abc.domian.com/index.php?act=sort&name=abc&id=2
Rule configuration:
if ($host ~* (. *)\.domain\.com) {
set $sub_name $1;
rewrite ^/sort\/(\d+)\/?$ /index.php?act=sort&cid=$sub_name&id=$1 last;
}
Directory Swap
Requirements : /123456/xxxx -> /xxxx?id=123456
Rule configuration:
rewrite ^/(\d+)/(.+)/ /$2?id=$1 last;
Another automatic rewrite optimized for browsers, here the rewrite The directory can exist;
for example, to set nginx to redirect to the /nginx-ie directory when users use ie, the
rules are as follows:
if ($http_user_agent ~ MSIE) {
rewrite ^(.*)$ /nginx-ie/$1 break;
}
The directory automatically adds "/", this function is generally completed automatically by the browser
if (-d $request_filename){
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}
The following may have nothing to do with generalized rewrite rewrite
Prohibit htaccess
location ~/\.ht {
deny all ;
}
Prohibit multiple directories
location ~ ^/(cron|templates)/ {
deny all; break;
} Prohibit files starting with /data, you can prohibit .log.txt and other requests for location ~ ^
in multi-level directories under /data/
/data {
deny all;
}
Prohibit a single file
location ~ /data/sql/data.sql {
deny all;
}
Set the expiration time for favicon.ico and robots.txt; here is 99 days for favicon.ico, and robots.txt is 7 days without logging 404 error log
location ~(favicon.ico) {
log_not_found off;
expires 99d;
break;
}
location ~(robots.txt) {
log_not_found off;
expires 7d;
break;
}
Set the browser cache expiration time for a file; here is 600 seconds, and access logs are not recorded
location ^~ /html/scripts/loadhead_1.js {
access_log off;
expires 600;
break;
}
Nginx can also customize the shelf life of a certain type of file. For details, see the code below:
location ~* \.(js|css|jpg|jpeg|gif|png|swf )$ {
if (-f $request_filename) {
expires 1h;
break;
}
}
//The above code sets the shelf life of files such as js|css|jpg|jpeg|gif|png|swf to one hour.
Anti-leech settings:
Anti-leech: If your website is a download website, the download step should be to find the download address through your homepage before downloading. In order to prevent some netizens from directly accessing the download address without downloading through the homepage, we can Using the method of anti-leech, the specific code is as follows:
location ~* \.(gif|jpg|swf)$ {
valid_referers none blocked start.igrow.cn sta.igrow.cn;
if ($invalid_referer) {
rewrite ^/ http://$host/logo.png;
}
}
file anti-hotlinking and set expiration time --<more hotlinks This request will also open the picture of your site, so set the cache time, you will not request and download this picture every time you hotlink >
location ~* ^.+\.(jpg|jpeg|gif|png|swf |rar|zip|css|js)$ {
valid_referers none blocked *.jjonline.cn *.jjonline.com.cn *.lanwei.org *.jjonline.org localhost 42.121.107.189;
if ($invalid_referer) {
rewrite ^/ http://img.jjonline.cn/forbid.gif;
return 417;
break;
}
access_log off;
break;
}
Note:
return 417 here is a custom http status code, the default is 403, which is convenient for passing the nginx log file Find out the correct hotlink request address
"rewrite ^/ http://img.jjonline.cn/forbid.gif;" shows an anti-leech picture
"access_log off;" does not record access logs, reducing stress
"expires 3d" all files 3 days of browser cache
only Allow a fixed ip to access the website and add a password; this is compared to the application with permission authentication in the line
location \ {
allow 22.27.164.25; #allowed ipd
deny all;
auth_basic "KEY"; #authentication some settings
auth_basic_user_file htpasswd;
}
Note: There are also various changes in the application of location, and the writing here is aimed at the root directory.
Redirect when files and directories do not exist
if (!-e $request_filename) {
#proxy_pass http://127.0.0.1; #Here is the jump to the proxy ip, which has a listening web server
rewrite ^/ http://www.jjonline.cn/none.html; #Jump to this page
#return 404; #Return directly to the 404 code, and then look for the 404.html file specified by root
}
Domain name jump
server {
listen 80;
server_name jump.jjonline.cn ;#Multi-level domain names that need to be jumped
index index.html index.htm index.php; #The name of the entry index file
root /var/www/public_html/; #The root directory of this site
rewrite ^/ http://www.jjonline.cn/;
#rewrite to this address, function performance: enter jump.jjonline.cn on the browser and press Enter, there will be no prompt directly to www.jjonline.cn
access_log off;
}
Multi-domain forwarding to
server {
listen 80;
server_name www.jjonline.cn www.jjonline.org;
index index.html index.htm index.php;
root /var/www/public_html/;
if ($host ~ “jjonline\. org”) {
rewrite ^(.*) http://www.jjonline.cn$1 permanent;
}
}
Third-level domain name jump
if ($http_host ~* “^(.*)\.i\.jjonline\.cn$”) {
rewrite ^(.*) http://demo.jjonline.cn$1;
break;
}
domain mirroring
server {
listen 80;
server_name mirror.jjonline.cn;
index index.html index.htm index.php;
root /var/www/public_html;
rewrite ^/(.*) http://www.jjonline.cn/$1 last;
access_log off;
}
A subdirectory is used as a mirror, the example here is the demo subdirectory
location ^~ /demo {
rewrite ^.+ http://demo.jjonline.cn/ last;
break;
}
The following is the rewrite method attached to this blog , the rewrite location of the emlog system
~ {
if (!-e $request_filename) {
rewrite ^/(.+)$ /index.php last;
}
}
Case matching
~ for case-sensitive matching
~* for case-insensitive matching
!~ and !~* for case-sensitive mismatch and case-insensitive mismatch
file and directory matching
-f and !-f is used to judge whether a file exists
-d and !-d are used to judge whether a directory exists
-e and !-e are used to judge whether a file or directory exists
-x and !-x are used to judge whether the file is executable
flag
last is equivalent to the [L] tag in Apache, indicating that the rewrite
break is completed to terminate the matching, and the following rules are no longer matched.
redirect Returns a 302 temporary redirect and the address bar will display the redirected address.
permanent Returns 301 permanent redirect and the address bar will display the redirected address.
Several use cases for logging:
1) location / { }: matches any query since all requests start with /. But the regex rules will be preferentially matched against the query.
2) location =/ {}: only matches /
3) location ~* \.(gif|jpg|jpeg)$
{
rewrite \.(gif|jpg)$ /logo.png;
}: location is case-insensitive, matches Any file ending in gif, jpg, jpeg.
Several examples:
multi-directory conversion parameter
requirements: abc.domian.com/sort/2 => abc.domian.com/index.php?act=sort&name=abc&id=2
Rule configuration:
if ($host ~* (. *)\.domain\.com) {
set $sub_name $1;
rewrite ^/sort\/(\d+)\/?$ /index.php?act=sort&cid=$sub_name&id=$1 last;
}
Directory Swap
Requirements : /123456/xxxx -> /xxxx?id=123456
Rule configuration:
rewrite ^/(\d+)/(.+)/ /$2?id=$1 last;
Another automatic rewrite optimized for browsers, here the rewrite The directory can exist;
for example, to set nginx to redirect to the /nginx-ie directory when users use ie, the
rules are as follows:
if ($http_user_agent ~ MSIE) {
rewrite ^(.*)$ /nginx-ie/$1 break;
}
The directory automatically adds "/", this function is generally completed automatically by the browser
if (-d $request_filename){
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}
The following may have nothing to do with generalized rewrite rewrite
Prohibit htaccess
location ~/\.ht {
deny all ;
}
Prohibit multiple directories
location ~ ^/(cron|templates)/ {
deny all; break;
} Prohibit files starting with /data, you can prohibit .log.txt and other requests for location ~ ^
in multi-level directories under /data/
/data {
deny all;
}
Prohibit a single file
location ~ /data/sql/data.sql {
deny all;
}
Set the expiration time for favicon.ico and robots.txt; here is 99 days for favicon.ico, and robots.txt is 7 days without logging 404 error log
location ~(favicon.ico) {
log_not_found off;
expires 99d;
break;
}
location ~(robots.txt) {
log_not_found off;
expires 7d;
break;
}
Set the browser cache expiration time for a file; here is 600 seconds, and access logs are not recorded
location ^~ /html/scripts/loadhead_1.js {
access_log off;
expires 600;
break;
}
Nginx can also customize the shelf life of a certain type of file. For details, see the code below:
location ~* \.(js|css|jpg|jpeg|gif|png|swf )$ {
if (-f $request_filename) {
expires 1h;
break;
}
}
//The above code sets the shelf life of files such as js|css|jpg|jpeg|gif|png|swf to one hour.
Anti-leech settings:
Anti-leech: If your website is a download website, the download step should be to find the download address through your homepage before downloading. In order to prevent some netizens from directly accessing the download address without downloading through the homepage, we can Using the method of anti-leech, the specific code is as follows:
location ~* \.(gif|jpg|swf)$ {
valid_referers none blocked start.igrow.cn sta.igrow.cn;
if ($invalid_referer) {
rewrite ^/ http://$host/logo.png;
}
}
file anti-hotlinking and set expiration time --<more hotlinks This request will also open the picture of your site, so set the cache time, you will not request and download this picture every time you hotlink >
location ~* ^.+\.(jpg|jpeg|gif|png|swf |rar|zip|css|js)$ {
valid_referers none blocked *.jjonline.cn *.jjonline.com.cn *.lanwei.org *.jjonline.org localhost 42.121.107.189;
if ($invalid_referer) {
rewrite ^/ http://img.jjonline.cn/forbid.gif;
return 417;
break;
}
access_log off;
break;
}
Note:
return 417 here is a custom http status code, the default is 403, which is convenient for passing the nginx log file Find out the correct hotlink request address
"rewrite ^/ http://img.jjonline.cn/forbid.gif;" shows an anti-leech picture
"access_log off;" does not record access logs, reducing stress
"expires 3d" all files 3 days of browser cache
only Allow a fixed ip to access the website and add a password; this is compared to the application with permission authentication in the line
location \ {
allow 22.27.164.25; #allowed ipd
deny all;
auth_basic "KEY"; #authentication some settings
auth_basic_user_file htpasswd;
}
Note: There are also various changes in the application of location, and the writing here is aimed at the root directory.
Redirect when files and directories do not exist
if (!-e $request_filename) {
#proxy_pass http://127.0.0.1; #Here is the jump to the proxy ip, which has a listening web server
rewrite ^/ http://www.jjonline.cn/none.html; #Jump to this page
#return 404; #Return directly to the 404 code, and then look for the 404.html file specified by root
}
Domain name jump
server {
listen 80;
server_name jump.jjonline.cn ;#Multi-level domain names that need to be jumped
index index.html index.htm index.php; #The name of the entry index file
root /var/www/public_html/; #The root directory of this site
rewrite ^/ http://www.jjonline.cn/;
#rewrite to this address, function performance: enter jump.jjonline.cn on the browser and press Enter, there will be no prompt directly to www.jjonline.cn
access_log off;
}
Multi-domain forwarding to
server {
listen 80;
server_name www.jjonline.cn www.jjonline.org;
index index.html index.htm index.php;
root /var/www/public_html/;
if ($host ~ “jjonline\. org”) {
rewrite ^(.*) http://www.jjonline.cn$1 permanent;
}
}
Third-level domain name jump
if ($http_host ~* “^(.*)\.i\.jjonline\.cn$”) {
rewrite ^(.*) http://demo.jjonline.cn$1;
break;
}
domain mirroring
server {
listen 80;
server_name mirror.jjonline.cn;
index index.html index.htm index.php;
root /var/www/public_html;
rewrite ^/(.*) http://www.jjonline.cn/$1 last;
access_log off;
}
A subdirectory is used as a mirror, the example here is the demo subdirectory
location ^~ /demo {
rewrite ^.+ http://demo.jjonline.cn/ last;
break;
}
The following is the rewrite method attached to this blog , the rewrite location of the emlog system
~ {
if (!-e $request_filename) {
rewrite ^/(.+)$ /index.php last;
}
}