转自 Nginx rewrite正则匹配重写

Nginx的rewrite功能支持正则匹配重写,即将URL地址临时或永久重新指向某个新的位置,类似于重定向。这个特性有利用当网站结构做出重大调整,如之前的网站mp3资源使用URL为www.site1.org/mp3进行访问,而现在服务器上mp3目录已经被使用music目录替换,那rewrite这个功能则能够轻松实现。其次如可以将site1.org强制调整到www.site1.org,反之亦可。这个指令位于ngx_http_rewrite_module模块。本文主要描述这个指令的用法并给出演示。

一、rewrite指令语法描述

句法: rewrite regex replacement [flag];
默认: -
语境: server,location,if
  如果指定的正则表达式与请求URI匹配,则URI将按照replacement字符串中的指定进行更改。
  该rewrite指令在其在配置文件中出现的顺序顺序地执行。可以使用标志终止对伪指令的进一步处理。
  如果替换字符串以“ http://”,“ https://”或“ $scheme” 开头,则处理停止,并将重定向返回给客户端。

flag标志的作用是用于控制当匹配到对应的rewrite规则后是否继续检查后续的rewrite规则
可选flag参数可以是以下之一:

last
  一旦被当前规则匹配并重写后立即停止检查后续的其它rewrite的规则,而后通过重写后的规则重新发起请求;
break
  一旦被当前规则匹配并重写后立即停止后续的其它rewrite的规则,而后继续由nginx进行后续操作;
redirect
  如果替换字符串不以“ http://”,“ https://”或“ $scheme” 开头,则使用,返回302临时重定向;
permanent
  返回301永久重定向;

注意:一般将rewrite写在location中时都使用break标志,或者将rewrite写在if上下文中;

其他指令

rewrite_log on|off
  是否把重写过程记录在错误日志中;默认为notice级别;默认为off;

return code:
  用于结束rewrite规则,并且为客户返回状态码;可以使用的状态码有204, 400, 402-406, 500-504等;

二、基于location上下文rewrite功能演示

本机环境
  # more /etc/redhat-release
  CentOS Linux release 7.2.1511 (Core)
  # nginx -v
  nginx version: nginx/1.12.2

配置nginx
  # vim /etc/nginx/conf.d/rewrite.conf
  server {
    listen 80;
    server_name site1.orag www.site1.org;

    location / {
        root /www/site1.org;
        index index.html index.htm;
    }
  }

  # mkdir -pv /www/site1.org/images
  # echo "This is a rewrite test page.">/www/site1.org/index.html
  # cp /usr/share/backgrounds/gnome/*.jpg /www/site1.org/images/

  # vim /etc/hosts
  192.168.1.175 site1.org
  192.168.1.175 www.site1.org

  # curl http://www.site1.org
  This is a rewrite test page.

  # curl -I http://www.site1.org/images/Waves.jpg
  HTTP/1.1 200 OK
  Server: nginx/1.12.2
  Date: Wed, 01 Nov 2017 03:47:58 GMT
  Content-Type: image/jpeg
  Content-Length: 458818
  Last-Modified: Wed, 01 Nov 2017 03:43:48 GMT
  Connection: keep-alive
  ETag: "59f942f4-70042"
  Accept-Ranges: bytes

修改rewrite.conf文件,添加rewrite指令
  location / {
    root /www/site1.org;
    index index.html index.htm;
    rewrite ^/images/(.*)$ /imgs/$1 last;
  }

  # systemctl reload nginx

  # curl -I http://www.site1.org/images/Waves.jpg
  HTTP/1.1 404 Not Found
  Server: nginx/1.12.2
  Date: Wed, 01 Nov 2017 04:02:38 GMT
  Content-Type: text/html
  Content-Length: 169
  Connection: keep-alive

  # mkdir -pv /www/site1.org/imgs

  # mv /www/site1.org/images/Waves.jpg /www/site1.org/imgs/.
  # curl -I http://www.site1.org/images/Waves.jpg
  HTTP/1.1 200 OK
  Server: nginx/1.12.2
  Date: Wed, 01 Nov 2017 04:05:07 GMT
  Content-Type: image/jpeg
  Content-Length: 458818
  Last-Modified: Wed, 01 Nov 2017 03:43:48 GMT
  Connection: keep-alive
  ETag: "59f942f4-70042"
  Accept-Ranges: bytes

  # curl -I http://www.site1.org/imgs/Waves.jpg ##这种方式可以访问
  HTTP/1.1 200 OK
  Server: nginx/1.12.2
  Date: Wed, 01 Nov 2017 04:06:17 GMT
  Content-Type: image/jpeg
  Content-Length: 458818
  Last-Modified: Wed, 01 Nov 2017 03:43:48 GMT
  Connection: keep-alive
  ETag: "59f942f4-70042"
 Accept-Ranges: bytes

模拟rewrite导致的http 500错误
再次对rewrite.conf文件做如下修改,

  location / {
    root /www/site1.org;
    index index.html index.htm;
    rewrite ^/images/(.*)$ /imgs/$1 last;
    rewrite ^/imgs/(.*)$ /images/$1 ;
  }

  # systemctl restart nginx
  # curl -I http://www.site1.org/imgs/Waves.jpg
  HTTP/1.1 500 Internal Server Error
  Server: nginx/1.12.2
  Date: Wed, 01 Nov 2017 05:23:16 GMT
  Content-Type: text/html
  Content-Length: 193
  Connection: close

  # curl -I http://www.site1.org/images/Waves.jpg
  HTTP/1.1 500 Internal Server Error
  Server: nginx/1.12.2
  Date: Wed, 01 Nov 2017 05:23:28 GMT
  Content-Type: text/html
  Content-Length: 193
  Connection: close

通过上述的测试可知,出现了死循环导致的500错误。
Nginx官方给出的参考样例:
  server {
    ... ##rewrite指令位于server上下文
  rewrite ^(/download/.*)/media/(.*)\..*$ $1/mp3/$2.mp3 last;
  ##将/download目录中包含media目录下的任意文件请求重定向为donwload/任意/mp3/任意.mp3

  rewrite ^(/download/.*)/audio/(.*)\..*$ $1/mp3/$2.ra last;
  ##将/download目录中包含audio目录下的任意文件请求重定向为donwload/任意/mp3/任意.mp3

  return 403;
    ...
  }

  location /download/ { ##rewrite指令位于location上下文
  rewrite ^(/download/.*)/media/(.*)\..*$ $1/mp3/$2.mp3 break;
  ##该last标志应该被替换 break,否则nginx将使10个周期返回500个错误
  rewrite ^(/download/.*)/audio/(.*)\..*$ $1/mp3/$2.ra break;
  return 403;
  }

三、基于if条件判断rewrite功能演示

  # vi /etc/nginx/conf.d/rewrite.conf
    server {
        listen 80;
        server_name site1.orag www.site1.org;

      if ($host != 'www.site1.org' ) {
          rewrite ^/(.*)$ http://www.site1.org/$1 permanent;
        }

    location / { ##Author : Leshami
        root /www/site1.org; ##Blog : http://blog.csdn.net/leshami
        index index.html index.htm;
        rewrite ^/images/(.*)$ /imgs/$1 last;
        rewrite ^/imgs/(.*)$ /images/$1 ;
    }
  }

  # systemctl reload nginx.service

本地测试(修改本地host文件)
  # curl http://site1.org
  <html> ##返回301状态码
  <head><title>301 Moved Permanently</title></head>
  <body bgcolor="white">
  <center><h1>301 Moved Permanently</h1></center>
  <hr><center>nginx/1.12.2</center>
  </body>
  </html>

Windows环境测试
通过修改Windows机器Host文件后,添加如下条目
  192.168.1.175 centos7-router.com
  192.168.1.175 www.centos7-router.com

打开浏览器,通过域名的方式进行访问http://site1.org会自动跳转到http://www.site1.org(演示略)

四、将http重写至https

在非全站https时,对于有些敏感的数据需有走https,那也可以通过rewrite方式实现
如下示例,假定https://www.site1.org/user目录下包含敏感信息,按可按如下方式rewrite

  location ^~ /user {
  rewrite ^/ https://www.site1.org$request_uri? permanent;
  }

全站https
  server {
    listen 80;
    server_name site1.orag www.site1.org;
    access_log /var/log/nginx/http-access.log;
    error_log /var/log/nginx/http-error.log;

    rewrite ^/ https://www.site1.org$request_uri;
  }

上述演示略