Rewrite和常用指令
rewrite 常用正则表达式说明 小括号()之间匹配的内容,可以在后面通过$1来引用,$2表示的是前面第二个()里的内容。正则里 面容易让人困惑的是转义特殊字符。
一、rewrite实例
rewrite语法
- last 本条规则匹配完成后,继续向下匹配新的location URI规则
- break 本条规则匹配完成后终止,不再匹配后面的任何规则
- redirect 302临时重定向
- permanent 301永久重定向
一、目录重定向
# www.rewrite.com/old/old.html定向到www.rewrite.com/new/new.html
[root@web-nginx conf.d]# cat rewrite.conf
server {
listen 80;
server_name www.rewrite.com;
location /old {
root /html/rewrite;
index old.html index.htm;
rewrite .* /new/new.html permanent;
}
location /new {
root /html/rewrite;
index new.html index.htm;
}
}
[root@web-nginx conf.d]# tree /html
/html
└── rewrite
├── index.html
├── new
│ └── new.html
└── old
└── old.html
3 directories, 3 files
二、目录重定向
- /html/rewrite/
- old/old.html
- new/new.html
http://www.rewrite.com/old/old.html重定向到http://www.rewrite.com/new/old.html
server {
listen 80;
server_name www.rewrite.com;
location /old {
root /html/rewrite;
index old.html index.htm;
rewrite ^/old/(.*)$ /new/$1 permanent;
}
location /new {
root /html/rewrite;
index old.html index.htm;
}
}
[root@web-nginx conf.d]# tree /html
/html
└── rewrite
├── index.html
├── new
│ └── old.html //hello new/old.html
└── old
└── old.html //hello old/old.html
三、目录重定向
server {
listen 80;
server_name www.rewrite.com;
location /old {
root /html/rewrite;
rewrite ^/old/(.*).html$ http://$host/new/login.html?user=$1;
}
location /new {
root /html/rewrite;
index new.html index.htm;
}
}
四、指定目录跳到新目录
server {
listen 80;
server_name www.rewrite.com;
location /old {
root /html/rewrite;
rewrite ^/old/([a-z]+)(.*)$ /new/$1 permanent;
}
location /new {
root /html/rewrite;
index new.html index.htm;
}
}
五、80跳转到443
server {
listen 80;
listen 443 ssl;
server_name www.test.com;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_certificate /html/test.com.crt;
ssl_certificate_key /html/test.com.key;
ssl_prefer_server_ciphers on;
#自动跳转到HTTPS (可选)
if ($server_port = 80) {
rewrite ^(.*)$ https://$host$1 permanent;
}
location / {
root /html/rewrite;
index index.html index.htm index.php;
}
}
二、if指令
| =和!= | 判断变量或字符是否相等 |
|---|---|
| ~ | 区分大小写正则表达式匹配 |
| ~* | 不区分大小写的正则表达式匹配 |
| !~ | 区分大小写的正则表达式不匹配 |
| -f和!-f | 判断文件是否存在 |
| -d和!-d | 判断目录是否存在 |
| -e和!-e | 判断文件或目录是否存在 |
| -x和!-x | 判断文件是否可执行 |
1.域名重定向
# # http://www.rewrite.com重定向到http://www.baidu.com
# /etc/nginx/conf.d/xxx.conf
server {
listen 8088;
server_name www.rewrite.com;
#域名跳转
location / {
root /html/rewrite;
index index.html;
if ($host ~* www.rewrite.com){
rewrite .* http://jd.com permanent;
}
}
# 子目录跳转
location /old {
root /html/rewrite;
if ($host ~* www.rewrite.com){
rewrite .* http://jd.com permanent;
}
}
}
server {
listen 80;
server_name www.rewrite.com;
# 带参数域名跳转www.rewrite.com/my/index跳转到www.baidu.com/my/index
# 传送/my/index
# location / {
# root /html/rewrite;
# index index.html;
#
# if ($host ~* www.rewrite.com){
# rewrite .* http://www.baidu.com$request_uri permanent;
# }
# }
# 匹配网站指定目录www.rewrite.com/old/old.html跳转到www.baidu.com
# location /old {
# root /html/rewrite;
# if ($host ~* www.rewrite.com){
# rewrite .* http://www.baidu.com permanent;
# }
# }
location /old {
root /html/rewrite;
if ($host ~* www.rewrite.com){
rewrite .* http://www.baidu.com$request_uri permanent;
}
}
}
# www.rewrite.com/old/old.html转到www.baidu.com/old/old.html //此处因为配置为固定目录,参数已固定,跳转到www.baidu.com后面的参数也是固定的
# http://www.rewrite.com/old/index.html
# $1:/old/
# $2:index.html
# http://$host$1$2
location /old {
root /html/rewrite;
index index.html index.hml;
if (-d $request_filename){
rewrite ^(.*) http://$host$1$2 permanent;
}
}
三、set指令
set 指令是用于定义一个变量,并且赋值
应用:server, location, if
old.rewrite.com重定向www.rewrite.com/old
new.rewrite.com重定向www.rewrite.com/new
在客户端上
[root@proxy-nginx conf.d]# tail -5 /etc/hosts
192.168.133.160 www.rewrite.com rewrite.com
192.168.133.160 old.rewrite.com
192.168.133.160 new.rewrite.com
服务端
[root@web-nginx conf.d]# vim /etc/nginx/conf.d/rewrite.conf
server {
listen 80;
server_name www.rewrite.com;
location / {
root /html/rewrite;
index index.html index.htm index.php;
if ($host ~* "^rewrite.com$|^www.rewrite.com$"){
break;
}
if ($host ~* "^(.*).rewrite.com$" ){
set $user $1;
rewrite .* http://rewrite.com/$user permanent;
}
}
location /old {
root /html/rewrite;
index index.html index.htm index.php;
}
location /new {
root /html/rewrite;
index index.html index.htm index.php;
}
}
[root@web-nginx conf.d]# tree /html/
/html/
└── rewrite
├── index.html
├── new
│ ├── index.html
│ └── old.html
└── old
└── index.html
四、return指令
return返回状态码给客户端
应用:server, location, if
禁止访问.sh后缀文件,返回403
server {
listen 80;
server_name www.return.com;
location / {
root /html/rewrite;
index index.html index.htm index.php;
}
location ~* .sh$ {
return 403;
}
}
80跳转到443
购买ssl证书
# 生成tsa密钥,输入密码
[root@web-nginx html]# openssl genrsa -des3 -out server.key 1024
# 删除密码
[root@web-nginx html]# openssl rsa -in server.key -out server.key
# 生成CSR(证书签名请求),common name要与域名一致
[root@web-nginx html]# openssl req -new -key server.key -out server.csr
#生成自签名证书
[root@web-nginx html]# openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
[root@web-nginx conf.d]# vim return.conf
server {
listen 80;
server_name www.return.com;
access_log /var/log/nginx/http_access.log main;
return 301 https://www.return.com$request_uri;
}
server {
listen 443 ssl;
server_name www.return.com;
access_log /var/log/nginx/https_access.log main;
ssl on;
ssl_certificate /html/server.crt;
ssl_certificate_key /html/server.key;
location / {
root /html/rewrite;
index index.html index.htm index.php;
}
}
五、break指令
应用场景:
- break,隐藏真实文件服务器
- last ,接口地址改写
break:重写规则后,不在匹配后面的location,包括当前规则break指令后面命令也不再执行。
last:重写规则后,使用重写后的规则继续匹配下面的location,
[root@web-nginx conf.d]# cat return.conf
server {
listen 80;
server_name www.return.com;
access_log /var/log/nginx/http_access.log main;
location / {
root /html/rewrite;
index index.html index.htm index.php;
}
location /break {
root /html/rewrite;
rewrite .* /last/index.html break;
}
location /last {
root /html/rewrite;
rewrite .* /test/index.html last;
}
location /test {
root /html/rewrite;
rewrite .* /break/index.html break;
}
}
六、location指令
= 表示精确匹配,优先级也是最高的
^~ 表示 url 以某个常规字符串开头,理解为匹配url路径即可
~ 表示区分大小写的正则匹配
~* 表示不区分大小写的正则匹配
!~ 表示区分大小写不匹配的正则
!~* 表示不区分大小写不匹配的正则
/ 通用匹配,任何请求都会匹配到
@ 内部服务跳转
优先级:
= ^~ ~|~*|!~|!~* /