1. ngx_http_rewrite_module

1.1. set

  • Directive

    1. Syntax: set $variable value ;
    2. Default: Close
    3. Context: server,location,if

  • Instroduction

Sets a value for the specified variable. The value can contain text, variables.
If you need set variables on http block, you need use map directive.

1.2. break

  • Directive

    1. Syntax: break ;
    2. Default: Close
    3. Context: server,location,if

  • Instroduction

Stops processing the current level set of ngx_http_rewrite_module directives.

1.3. return

  • Directive

    1. Syntax: return (code [text]) | (code URL) | URL ;
    2. Default: Close
    3. Context: server,location,if

  • Instroduction

Stops processing and returns the specified code to a client. The non-standard code 444 closes a connection without sending a response header.
In addition, a URL for temporary redirect with the code 302 can be specified as the sole parameter. Such a parameter should start with the “http://“, “https://“, or “$scheme” string.

1.4. if

  • Directive

    1. Syntax: if (condition) {commands}
    2. Defautl: Close
    3. Context: server,location

  • Instroduction

If condition is true,the commands will be executed.

  • variable

If the value is empty or 0,result is false.Before 1.0.1,any string starts with “0” ,result retrun false.

  • Operators

Strings match: = , !=
Regular match: ~ , ~ , !~ , !~
File match: -f , !-f ; -d , !-d ; -e , !-e ; -x ; !-x
If a regular expression includes the “}” or “;” characters, the whole expressions should be enclosed in single or double quotes

1.5. rewrite

  • Directive

    1. Syntax: rewrite regex replacement [flags] ;
    2. Default: Close 
    3. Context: server,location,if

  • Instroduction

If the specified regular expression matches a request URI, URI is changed as specified in the replacement string. The rewrite directives are executed sequentially in order of their appearance in the configuration file.
If a replacement string starts with “http://“, “https://“, or “$scheme”, the processing stops and the redirect is returned to a client.
Flags:

  • last: stops processing the current level set of ngx_http_rewrite_module directives and starts a search for a new location matching the changed URI.
  • break: stops processing the current set of ngx_http_rewrite_module directives as with the break directive.
  • redirect: returns a temporary redirect with the 302 code; used if a replacement string does not start with “http://“, “https://“, or “$scheme”.
  • permanent: return 301 code and new URL to client.

Notice: The rewrite directive’s URI is $uri ,it doesn’t include $args.If you rewrite URL include $args,if directive is only choice.For example: 

  1. # Source: localhost/api?cmd=game_config&tdsourcetag=args 
  2. # Target: localhost/index.php?c=cmd&m=send_notice&tdsourcetag=args
  3. if ($request-uri ~ ^localhost/api\?cmd=game_config&tdsourcetag=(.+)$) {
  4.     return http://localhost/index.php?c=cmd&m=send_notice&tdsourcetag=$1 ;
  5. }

1.6. rewrite_log

  • Directive

    1. Syntax: rewrite_log on|off ;
    2. Defautl: rewrite_log off ;
    3. Context: http,server,location,if ;

  • Instroduction

Enables or disables logging of ngx_http_rewrite_module module directives processing results into the error_log at the notice level.

2. Example

2.1. rewrite flags

2.1.1. last & break

  • Nginx Configuration

[root@centos-81 conf.d]# cat rewrite.conf

  1. server {
  2.     listen 8080 default_server ;
  3.     root /opt/website/write ;
  4.     rewrite_log on ;
  5.     location /location1/ {
  6.         rewrite /location1/(.*) /test/$1 last ;
  7.         return 200 "location1\r\n" ;
  8.     }
  9.     location /location2/ {
  10.         rewrite /location2/(.*) /test/$1 break ;
  11.         return 200 "location2\r\n" ;
  12.     }
  13.     location /test/ {
  14.         return 200 "test\r\n" ;
  15.     }
  16.     location / {
  17.         return 200 "null\r\n" ;
  18.     }
  19. }

[root@centos-81 ~]# mkdir -p /opt/website/write/{location1,location2,test}
[root@centos-81 ~]# ls /opt/website/write/|awk ‘{print $1”.index” > “/opt/website/write/“$1”/index.html”}’

  • Test ```html

    rewrite后uri:/test/,last标识符会从头开始匹配/test/ location,结果符合预期

    [root@centos-81 ~]# curl -s 192.168.1.81:8080/location1/ test

rewrite后uri:/test/index.html,last标识符会从头开始匹配/test/ location,结果符合预期

[root@centos-81 ~]# curl -s 192.168.1.81:8080/location1/index.html test

rewrite后uri:/test/,break停止匹配rewrite module,不会跳出当前location,理应寻找/test/下的index.html

暂不清楚为啥返回 test

[root@centos-81 ~]# curl -s 192.168.1.81:8080/location2/ test

rewrite后uri:/test/index.html,break不会跳出当前location,返回/test/下的index.html

[root@centos-81 ~]# curl -s 192.168.1.81:8080/location2/index.html test.index

删除/test/index.html后,由于没有权限访问/test/的目录结构,返回403

[root@centos-81 nginx]# rm -f /opt/website/write/test/index.html [root@centos-81 ~]# curl -s 192.168.1.81:8080/location2/

403 Forbidden

nginx

  1. <a name="R591X"></a>
  2. #### 2.1.2. Redirect
  4. - **Nginx Configuration**
  5. ```nginx
  6. server {
  7.     listen 8080 default_server ;
  8.     root /opt/website/write ;
  9.     location /location1/ {
  10.         if ($uri ~ ^/location1/(.*)$) {
  11.             return http://$host:8080/test/$1 ;
  12.         }
  13.         return 200 "location1\r\n" ;
  14.     }
  15.     location /location2/ {
  16.         rewrite /location2/(.*) /test/$1 redirect ;
  17.         return 200 "location2\r\n" ;
  18.     }
  19.     location /location3/ {
  20.         rewrite /location3/(.*) /test/$1 permanent ;
  21.         return 200 "location2\r\n" ;
  22.     }
  23.     location /test/ {
  24.         return 200 "test\r\n" ;
  25.     }
  26. }
  • Test

[root@centos-81 ~]# curl -vL 192.168.1.81:8080/location1/ # code 302

  1. > GET /location1/ HTTP/1.1
  2. > User-Agent: curl/7.29.0
  3. > Host: 192.168.1.81:8080
  4. > Accept: */*
  5. > 
  6. < HTTP/1.1 302 Moved Temporarily
  7. ......
  8. < Location: http://192.168.1.81:8080/test/
  9. ......
  10. > GET /test/ HTTP/1.1
  11. > User-Agent: curl/7.29.0
  12. > Host: 192.168.1.81:8080
  13. > Accept: */*
  14. > 
  15. < HTTP/1.1 200 OK
  16. < Server: nginx
  17. < Date: Mon, 08 Jul 2019 00:06:17 GMT
  18. < Content-Type: application/octet-stream
  19. < Content-Length: 6
  20. < Connection: keep-alive
  21. < Keep-Alive: timeout=55
  22. < 
  23. test

[root@centos-81 ~]# curl -vL 192.168.1.81:8080/location2/ # code 302

  1. > GET /location2/ HTTP/1.1 
  2. > User-Agent: curl/7.29.0
  3. > Host: 192.168.1.81:8080
  4. > Accept: */*
  5. > 
  6. < HTTP/1.1 302 Moved Temporarily
  7. ......
  8. < Location: http://192.168.1.81:8080/test/
  9. ......
  10. < 
  11. > GET /test/ HTTP/1.1
  12. > User-Agent: curl/7.29.0
  13. > Host: 192.168.1.81:8080
  14. > Accept: */*
  15. > 
  16. < HTTP/1.1 200 OK
  17. ......
  18. < 
  19. test

[root@centos-81 ~]# curl -vL 192.168.1.81:8080/location3/ # code 301

  1. > GET /location3/ HTTP/1.1
  2. > User-Agent: curl/7.29.0
  3. > Host: 192.168.1.81:8080
  4. > Accept: */*
  5. > 
  6. < HTTP/1.1 301 Moved Permanently
  7. < Server: nginx
  8. ......
  9. < Location: http://192.168.1.81:8080/test/
  10. ......
  11. < 
  12. > GET /test/ HTTP/1.1
  13. > User-Agent: curl/7.29.0
  14. > Host: 192.168.1.81:8080
  15. > Accept: */*
  16. > 
  17. < HTTP/1.1 200 OK
  18. ......
  19. < 
  20. test

2.1.3. No flags

  • Nginx Configuration

    1. server {
    2.   listen 8080 default_server ;
    3.   root /opt/website/write ;
    4.   location /location1/ {
    5.       rewrite /location1/(.*) /test/$1 ;
    6.       return 200 "location1\r\n" ;
    7.   }
    8.   location /location2/ {
    9.       rewrite /location2/(.*) /test/$1 ;
    10.   }
    11.   location /location3/ {
    12.       rewrite /location3/(.*) http://$host:8080/test/$1 ;
    13.       return 200 "location3\r\n" ;
    14.   }
    15.   location /test/ {
    16.       return 200 "test\r\n" ;
    17.   }
    18. }

  • Test

    1. [root@centos-81 ~]# curl -L 192.168.1.81:8080/location1/
    2. location1
    3. [root@centos-81 ~]# curl -L 192.168.1.81:8080/location1/index.html
    4. location1
    5. [root@centos-81 ~]# curl -L 192.168.1.81:8080/location2/
    6. test
    7. [root@centos-81 ~]# curl -L 192.168.1.81:8080/location2/index.html
    8. test

    [root@centos-81 ~]# curl -IL 192.168.1.81:8080/location3/

    1. HTTP/1.1 302 Moved Temporarily
    2. Server: nginx
    3. Date: Mon, 08 Jul 2019 00:23:02 GMT
    4. Content-Type: text/html
    5. Content-Length: 154
    6. Connection: keep-alive
    7. Keep-Alive: timeout=55
    8. Location: http://192.168.1.81:8080/test/
    9. Expires: Tue, 09 Jul 2019 00:23:02 GMT
    10. Cache-Control: max-age=86400
    11. >
    12. HTTP/1.1 200 OK
    13. Server: nginx
    14. Date: Mon, 08 Jul 2019 00:23:02 GMT
    15. Content-Type: application/octet-stream
    16. Content-Length: 6
    17. Connection: keep-alive
    18. Keep-Alive: timeout=55

    [root@centos-81 ~]# curl -IL 192.168.1.81:8080/location3/index.html

    1. HTTP/1.1 302 Moved Temporarily
    2. Server: nginx
    3. Date: Mon, 08 Jul 2019 00:23:07 GMT
    4. Content-Type: text/html
    5. Content-Length: 154
    6. Connection: keep-alive
    7. Keep-Alive: timeout=55
    8. Location: http://192.168.1.81:8080/test/index.html
    9. Expires: Tue, 09 Jul 2019 00:23:07 GMT
    10. Cache-Control: max-age=86400
    11. >
    12. HTTP/1.1 200 OK
    13. Server: nginx
    14. Date: Mon, 08 Jul 2019 00:23:07 GMT
    15. Content-Type: text/html
    16. Content-Length: 6
    17. Connection: keep-alive
    18. Keep-Alive: timeout=55
    19. Expires: Tue, 09 Jul 2019 00:23:07 GMT
    20. Cache-Control: max-age=86400

    2.2. Domian Name Redirect

    2.2.1. different server directive(better)

  • Nginx Configuration ```nginx server { listen 80 ; server_name www.heyingsheng.com ; rewrite ^(.*)$ ${scheme}://www.heyang.com$1 permanent ; }

server { listen 80 default_server ; server_name *.heyang.com ; location / { return 200 “heyang.com root dir \r\n” ; } }

  2. - **Test**
  4. [root@centos-81 ~]# curl -I www.heyingsheng.com
  5. ```http
  6. HTTP/1.1 301 Moved Permanently
  7. Server: nginx
  8. Date: Mon, 08 Jul 2019 12:40:59 GMT
  9. Content-Type: text/html
  10. Content-Length: 178
  11. Connection: keep-alive
  12. Keep-Alive: timeout=55
  13. Location: http://www.heyang.com/
  14. Expires: Tue, 09 Jul 2019 12:40:59 GMT
  15. Cache-Control: max-age=86400

2.2.2. Use sname directive

  • Nginx Configuration

    1. server {
    2.   listen 80 default_server ;
    3.   server_name *.heyang.com www.heyingsheng.com ;
    4.   if ($host = "www.heyingsheng.com") {
    5.       rewrite ^(.*)$ ${scheme}://www.heyang.com$1 permanent ;
    6.   }
    7.   location / {
    8.       return 200 "heyang.com root dir \r\n" ;
    9.   }
    10. }

  • Test

[root@centos-81 ~]# curl -I www.heyingsheng.com

  1. HTTP/1.1 301 Moved Permanently
  2. Server: nginx
  3. Date: Mon, 08 Jul 2019 12:51:34 GMT
  4. Content-Type: text/html
  5. Content-Length: 178
  6. Connection: keep-alive
  7. Keep-Alive: timeout=55
  8. Location: http://www.heyang.com/
  9. Expires: Tue, 09 Jul 2019 12:51:34 GMT
  10. Cache-Control: max-age=86400

2.3. Match User-Agent

  • Nginx Configuration

    1. server {
    2.   listen 80 default_server ;
    3.   server_name *.heyang.com www.heyingsheng.com ;
    4.   if ($http_user_agent ~ "MSIE [4-6]") {
    5.      return 200 "Browser is not supported!\r\n" ; 
    6.   }
    7.   location / {
    8.       return 200 "heyang.com root dir \r\n" ;
    9.   }
    10. }

  • Test

    1. [root@centos-81 ~]# curl -A "User-Agent:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" www.heyang.com
    2. Browser is not supported!
    3. [root@centos-81 ~]# curl -A "User-Agent:Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0" www.heyang.com
    4. heyang.com root dir

    2.4. Forbidden Access

  • Nginx Configuration

    1. server {
    2.   listen 80 default_server ;
    3.   server_name *.heyang.com www.heyingsheng.com ;
    4.   location / {
    5.       return 200 "heyang.com root dir \r\n" ;
    6.   }
    7.   location ~* \.(sh|py)$ {
    8.       return 403 "Forbidden!\r\n" ;
    9.   }
    10. }

  • Test

    1. [root@centos-81 ~]# curl -s www.heyang.com/aa/bb.py
    2. Forbidden!
    3. [root@centos-81 ~]# curl -s www.heyang.com/aa/bb.php
    4. heyang.com root dir