推荐参考地址:
MailinglistARChives官方讨论区
http://marc.info/?l=nginx
Nginx常见应用技术指南[NginxTips]
http://bbs.linuxtone.org/thread-1685-1-1.html
本日志内容来自互联网和平日使用经验,整理一下方便日后参考。
正则表达式匹配,其中:
*~为区分大小写匹配
*~*为不区分大小写匹配
*!~和!~*分别为区分大小写不匹配及不区分大小写不匹配
文件及目录匹配,其中:
*-f和!-f用来判断是否存在文件
*-d和!-d用来判断是否存在目录
*-e和!-e用来判断是否存在文件或目录
*-x和!-x用来判断文件是否可执行
flag标记有:
*last相当于Apache里的[L]标记,表示完成rewrite
*break终止匹配,不再匹配后面的规则
*redirect返回302临时重定向地址栏会显示跳转后的地址
*permanent返回301永久重定向地址栏会显示跳转后的地址
一些可用的全局变量有,可以用做条件判断(待补全)
$args
$content_length
$content_type
$document_root
$document_uri
$host
$http_user_agent
$http_cookie
$limit_rate
$request_body_file
$request_method
$remote_addr
$remote_port
$remote_user
$request_filename
$request_uri
$query_string
$scheme
$server_protocol
$server_addr
$server_name
$server_port
$uri
结合QeePHP的例子
if(!-d$request_filename){
rewrite^/([a-z-A-Z]+)/([a-z-A-Z]+)/?(.*)$/index.php?namespace=user&controller=$1&action=$2&$3last;
rewrite^/([a-z-A-Z]+)/?$/index.php?namespace=user&controller=$1last;
break;
多目录转成参数
abc.domian.com/sort/2=>abc.domian.com/index.php?act=sort&name=abc&id=2
if($host~*(.*)\.domain\.com){
set$sub_name$1;
rewrite^/sort\/(\d+)\/?$/index.php?act=sort&cid=$sub_name&id=$1last;
}
目录对换
/123456/xxxx->/xxxx?id=123456
rewrite^/(\d+)/(.+)//$2?id=$1last;
例如下面设定nginx在用户使用ie的使用重定向到/nginx-ie目录下:
if($http_user_agent~MSIE){
rewrite^(.*)$/nginx-ie/$1break;
}
目录自动加“/”
if(-d$request_filename){
rewrite^/(.*)([^/])$http://$host/$1$2/permanent;
}
禁止htaccess
location~/\.ht{
denyall;
}
禁止多个目录
location~^/(cron|templates)/{
denyall;
break;
}
禁止以/data开头的文件
可以禁止/data/下多级目录下.log.txt等请求;
location~^/data{
denyall;
}
禁止单个目录
不能禁止.log.txt能请求
location/searchword/cron/{
denyall;
}
禁止单个文件
location~/data/sql/data.sql{
denyall;
}
给favicon.ico和robots.txt设置过期时间;
这里为favicon.ico为99天,robots.txt为7天并不记录404错误日志
location~(favicon.ico){
log_not_foundoff;
expires99d;
break;
}
location~(robots.txt){
log_not_foundoff;
expires7d;
break;
}
设定某个文件的过期时间;这里为600秒,并不记录访问日志
location^~/html/scripts/loadhead_1.js{
access_logoff;
root/opt/lampp/htdocs/web;
expires600;
break;
}
文件反盗链并设置过期时间
这里的return412为自定义的http状态码,默认为403,方便找出正确的盗链的请求
“rewrite^/http://leech.c1gstudio.com/leech.gif;”显示一张防盗链图片
“access_logoff;”不记录访问日志,减轻压力
“expires3d”所有文件3天的浏览器缓存
location~*^.+\.(jpg|jpeg|gif|png|swf|rar|zip|css|js)${
valid_referersnoneblocked*.c1gstudio.com*.c1gstudio.netlocalhost208.97.167.194;
if($invalid_referer){
rewrite^/http://leech.c1gstudio.com/leech.gif;
return412;
break;
}
access_logoff;
root/opt/lampp/htdocs/web;
expires3d;
break;
}
只充许固定ip访问网站,并加上密码
root/opt/htdocs/www;
allow208.97.167.194;
allow222.33.1.2;
allow231.152.49.4;
denyall;
auth_basic"C1G_ADMIN";
auth_basic_user_filehtpasswd;
将多级目录下的文件转成一个文件,增强seo效果
/job-123-456-789.html指向/job/123/456/789.html
rewrite^/job-([0-9]+)-([0-9]+)-([0-9]+)\.html$/job/$1/$2/jobshow_$3.htmllast;
将根目录下某个文件夹指向2级目录
如/shanghaijob/指向/area/shanghai/
如果你将last改成permanent,那么浏览器地址栏显是/location/shanghai/
rewrite^/([0-9a-z]+)job/(.*)$/area/$1/$2last;
上面例子有个问题是访问/shanghai时将不会匹配
rewrite^/([0-9a-z]+)job$/area/$1/last;
rewrite^/([0-9a-z]+)job/(.*)$/area/$1/$2last;
这样/shanghai也可以访问了,但页面中的相对链接无法使用,
如./list_1.html真实地址是/area/shanghia/list_1.html会变成/list_1.html,导至无法访问。
那我加上自动跳转也是不行咯
(-d$request_filename)它有个条件是必需为真实目录,而我的rewrite不是的,所以没有效果
if(-d$request_filename){
rewrite^/(.*)([^/])$http://$host/$1$2/permanent;
}
知道原因后就好办了,让我手动跳转吧
rewrite^/([0-9a-z]+)job$/$1job/permanent;
rewrite^/([0-9a-z]+)job/(.*)$/area/$1/$2last;
文件和目录不存在的时候重定向:
if(!-e$request_filename){
proxy_passhttp://127.0.0.1;
}
域名跳转
server
{
listen80;
server_namejump.c1gstudio.com;
indexindex.htmlindex.htmindex.php;
root/opt/lampp/htdocs/www;
rewrite^/http://www.c1gstudio.com/;
access_logoff;
}
多域名转向
server_namewww.c1gstudio.comwww.c1gstudio.net;
indexindex.htmlindex.htmindex.php;
root/opt/lampp/htdocs;
if($host~"c1gstudio\.net"){
rewrite^(.*)http://www.c1gstudio.com$1permanent;
}
三级域名跳转
if($http_host~*"^(.*)\.i\.c1gstudio\.com$"){
rewrite^(.*)http://top.c1gstudio.com$1;
break;
}
域名镜向
server
{
listen80;
server_namemirror.c1gstudio.com;
indexindex.htmlindex.htmindex.php;
root/opt/lampp/htdocs/www;
rewrite^/(.*)http://www.c1gstudio.com/$1last;
access_logoff;
}
某个子目录作镜向
location^~/zhaopinhui{
rewrite^.+http://zph.c1gstudio.com/last;
break;
}
discuzucenterhome(uchome)rewrite
rewrite^/(space|network)-(.+)\.html$/$1.php?rewrite=$2last;
rewrite^/(space|network)\.html$/$1.phplast;
rewrite^/([0-9]+)$/space.php?uid=$1last;
discuz7rewrite
rewrite^(.*)/archiver/((fid|tid)-[\w\-]+\.html)$$1/archiver/index.php?$2last;
rewrite^(.*)/forum-([0-9]+)-([0-9]+)\.html$$1/forumdisplay.php?fid=$2&page=$3last;
rewrite^(.*)/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$$1/viewthread.php?tid=$2&extra=page\%3D$4&page=$3last;
rewrite^(.*)/profile-(username|uid)-(.+)\.html$$1/viewpro.php?$2=$3last;
rewrite^(.*)/space-(username|uid)-(.+)\.html$$1/space.php?$2=$3last;
rewrite^(.*)/tag-(.+)\.html$$1/tag.php?name=$2last;
给discuz某版块单独配置域名
server_namebbs.c1gstudio.comnews.c1gstudio.com;
location=/{
if($http_host~news\.c1gstudio.com$){
rewrite^.+http://news.c1gstudio.com/forum-831-1.htmllast;
break;
}
}
discuzucenter头像rewrite优化
location^~/ucenter{
location~.*\.php?$
{
#fastcgi_passunix:/tmp/php-cgi.sock;
fastcgi_pass127.0.0.1:9000;
fastcgi_indexindex.php;
includefcgi.conf;
}
location/ucenter/data/avatar{
log_not_foundoff;
access_logoff;
location~/(.*)_big\.jpg${
error_page404/ucenter/p_w_picpaths/noavatar_big.gif;
}
location~/(.*)_middle\.jpg${
error_page404/ucenter/p_w_picpaths/noavatar_middle.gif;
}
location~/(.*)_small\.jpg${
error_page404/ucenter/p_w_picpaths/noavatar_small.gif;
}
expires300;
break;
}
}
jspacerewrite
location~.*\.php?$
{
#fastcgi_passunix:/tmp/php-cgi.sock;
fastcgi_pass127.0.0.1:9000;
fastcgi_indexindex.php;
includefcgi.conf;
}
location~*^/index.php/
{
rewrite^/index.php/(.*)/index.php?$1break;
fastcgi_pass127.0.0.1:9000;
fastcgi_indexindex.php;
includefcgi.conf;
}
wordpre***ewrite
location/{
indexindex.htmlindex.php;
if(-f$request_filename/index.html){
rewrite(.*)$1/index.htmlbreak;
}
if(-f$request_filename/index.php){
rewrite(.*)$1/index.php;
}
if(!-e$request_filename)
{
rewrite(.*)/index.php;
}
}
2010-1-11更新
discuzx1.5rewrite
rewrite^([^\.]*)/topic-(.+)\.html$$1/portal.php?mod=topic&topic=$2last;
rewrite^([^\.]*)/article-([0-9]+)-([0-9]+)\.html$$1/portal.php?mod=view&aid=$2&page=$3last;
rewrite^([^\.]*)/forum-(\w+)-([0-9]+)\.html$$1/forum.php?mod=forumdisplay&fid=$2&page=$3last;
rewrite^([^\.]*)/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$$1/forum.php?mod=viewthread&tid=$2&extra=page%3D$4&page=$3last;
rewrite^([^\.]*)/group-([0-9]+)-([0-9]+)\.html$$1/forum.php?mod=group&fid=$2&page=$3last;
rewrite^([^\.]*)/space-(username|uid)-(.+)\.html$$1/home.php?mod=space&$2=$3last;
rewrite^([^\.]*)/([a-z]+)-(.+)\.html$$1/$2.php?rewrite=$3last;
if(!-e$request_filename){
return404;
}
动态参数rewrite
以discuz7.2到discuzx1.5为例
if($query_string~*tid=([0-9]+)){
set$id$1;
rewrite"^(.*)/viewthread.php$"$1/forum.php?mod=viewthread&tid=$id&extra=page%3D&page=1last;
}
if($query_string~*gid=([0-9]+)){
set$id$1;
rewrite"^(.*)/index.php$"$1/forum.php?gid=$idlast;
}
rewrite^([^\.]*)/archiver/$$1/forum.php?archiver=1last;
2011-4-21更新
nginx嵌套if
nginx不支持ifand和多层嵌套if,让我头痛很久,需要通过其它方法实现.
下面是把访问镜像网站cnc.c1gstudio.com的爬虫转到www站.
set$needrewrite'';
if($http_user_agent~*(baiduspider|googlebot|soso|bing|sogou|yahoo|sohu-search|yodao|YoudaoBot|robozilla|msnbot|MJ12bot|NHN|Twiceler)){
set$needrewrite'o';
}
if($host~cnc\.c1gstudio\.com){
set$needrewrite"${needrewrite}k";
}
if($needrewrite=ok){
#return403;
rewrite^(.*)http://www.c1gstudio.com$1permanent;
}
reloadnginx后可以用curl来做测试
curl-I-A“soso”cnc.c1gstudio.com
apache转nginx规则工具
http://www.ubuntuset.com/apache2nginx