Nginx rewrite正则匹配重写
Nginx的rewrite功能支持正则匹配重写,即将URL地址临时或永久重新指向某个新的位置,类似于重定向。这个特性有利用当网站结构做出重大调整,如之前的网站mp3资源使用URL为www.site1.org/mp3进行访问,而现在服务器上mp3目录已经被使用music目录替换,那rewrite这个功能则能够轻松实现。其次如可以将site1.org强制调整到www.site1.org,反之亦可。这个指令位于ngx_http_rewrite_module模块。本文主要描述这个指令的用法并给出演示。
一、rewrite指令语法描述
句法: rewrite regex replacement [flag];
默认: -
语境: server,location,if
如果指定的正则表达式与请求URI匹配,则URI将按照replacement字符串中的指定进行更改。
该rewrite指令在其在配置文件中出现的顺序顺序地执行。可以使用标志终止对伪指令的进一步处理。
如果替换字符串以“ http://”,“ https://”或“ $scheme” 开头,则处理停止,并将重定向返回给客户端。
flag标志的作用是用于控制当匹配到对应的rewrite规则后是否继续检查后续的rewrite规则
可选flag参数可以是以下之一:
last
一旦被当前规则匹配并重写后立即停止检查后续的其它rewrite的规则,而后通过重写后的规则重新发起请求;
break
一旦被当前规则匹配并重写后立即停止后续的其它rewrite的规则,而后继续由nginx进行后续操作;
redirect
如果替换字符串不以“ http://”,“ https://”或“ $scheme” 开头,则使用,返回302临时重定向;
permanent
返回301永久重定向;
注意:一般将rewrite写在location中时都使用break标志,或者将rewrite写在if上下文中;
其他指令
rewrite_log on|off
是否把重写过程记录在错误日志中;默认为notice级别;默认为off;
return code:
用于结束rewrite规则,并且为客户返回状态码;可以使用的状态码有204, 400, 402-406, 500-504等;
二、基于location上下文rewrite功能演示
本机环境
# more /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
# nginx -v
nginx version: nginx/1.12.2
配置nginx
# vim /etc/nginx/conf.d/rewrite.conf
server {
listen 80;
server_name site1.orag www.site1.org;
location / {
root /www/site1.org;
index index.html index.htm;
}
}
# mkdir -pv /www/site1.org/images
# echo "This is a rewrite test page.">/www/site1.org/index.html
# cp /usr/share/backgrounds/gnome/*.jpg /www/site1.org/images/
# vim /etc/hosts
192.168.1.175 site1.org
192.168.1.175 www.site1.org
# curl http://www.site1.org
This is a rewrite test page.
# curl -I http://www.site1.org/images/Waves.jpg
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Wed, 01 Nov 2017 03:47:58 GMT
Content-Type: image/jpeg
Content-Length: 458818
Last-Modified: Wed, 01 Nov 2017 03:43:48 GMT
Connection: keep-alive
ETag: "59f942f4-70042"
Accept-Ranges: bytes
修改rewrite.conf文件,添加rewrite指令
location / {
root /www/site1.org;
index index.html index.htm;
rewrite ^/images/(.*)$ /imgs/$1 last;
}
# systemctl reload nginx
# curl -I http://www.site1.org/images/Waves.jpg
HTTP/1.1 404 Not Found
Server: nginx/1.12.2
Date: Wed, 01 Nov 2017 04:02:38 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
# mkdir -pv /www/site1.org/imgs
# mv /www/site1.org/images/Waves.jpg /www/site1.org/imgs/.
# curl -I http://www.site1.org/images/Waves.jpg
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Wed, 01 Nov 2017 04:05:07 GMT
Content-Type: image/jpeg
Content-Length: 458818
Last-Modified: Wed, 01 Nov 2017 03:43:48 GMT
Connection: keep-alive
ETag: "59f942f4-70042"
Accept-Ranges: bytes
# curl -I http://www.site1.org/imgs/Waves.jpg ##这种方式可以访问
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Wed, 01 Nov 2017 04:06:17 GMT
Content-Type: image/jpeg
Content-Length: 458818
Last-Modified: Wed, 01 Nov 2017 03:43:48 GMT
Connection: keep-alive
ETag: "59f942f4-70042"
Accept-Ranges: bytes
模拟rewrite导致的http 500错误
再次对rewrite.conf文件做如下修改,
location / {
root /www/site1.org;
index index.html index.htm;
rewrite ^/images/(.*)$ /imgs/$1 last;
rewrite ^/imgs/(.*)$ /images/$1 ;
}
# systemctl restart nginx
# curl -I http://www.site1.org/imgs/Waves.jpg
HTTP/1.1 500 Internal Server Error
Server: nginx/1.12.2
Date: Wed, 01 Nov 2017 05:23:16 GMT
Content-Type: text/html
Content-Length: 193
Connection: close
# curl -I http://www.site1.org/images/Waves.jpg
HTTP/1.1 500 Internal Server Error
Server: nginx/1.12.2
Date: Wed, 01 Nov 2017 05:23:28 GMT
Content-Type: text/html
Content-Length: 193
Connection: close
通过上述的测试可知,出现了死循环导致的500错误。
Nginx官方给出的参考样例:
server {
... ##rewrite指令位于server上下文
rewrite ^(/download/.*)/media/(.*)\..*$ $1/mp3/$2.mp3 last;
##将/download目录中包含media目录下的任意文件请求重定向为donwload/任意/mp3/任意.mp3
rewrite ^(/download/.*)/audio/(.*)\..*$ $1/mp3/$2.ra last;
##将/download目录中包含audio目录下的任意文件请求重定向为donwload/任意/mp3/任意.mp3
return 403;
...
}
location /download/ { ##rewrite指令位于location上下文
rewrite ^(/download/.*)/media/(.*)\..*$ $1/mp3/$2.mp3 break;
##该last标志应该被替换 break,否则nginx将使10个周期返回500个错误
rewrite ^(/download/.*)/audio/(.*)\..*$ $1/mp3/$2.ra break;
return 403;
}
三、基于if条件判断rewrite功能演示
# vi /etc/nginx/conf.d/rewrite.conf
server {
listen 80;
server_name site1.orag www.site1.org;
if ($host != 'www.site1.org' ) {
rewrite ^/(.*)$ http://www.site1.org/$1 permanent;
}
location / { ##Author : Leshami
root /www/site1.org; ##Blog : http://blog.csdn.net/leshami
index index.html index.htm;
rewrite ^/images/(.*)$ /imgs/$1 last;
rewrite ^/imgs/(.*)$ /images/$1 ;
}
}
# systemctl reload nginx.service
本地测试(修改本地host文件)
# curl http://site1.org
<html> ##返回301状态码
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.12.2</center>
</body>
</html>
Windows环境测试
通过修改Windows机器Host文件后,添加如下条目
192.168.1.175 centos7-router.com
192.168.1.175 www.centos7-router.com
打开浏览器,通过域名的方式进行访问http://site1.org会自动跳转到http://www.site1.org(演示略)
四、将http重写至https
在非全站https时,对于有些敏感的数据需有走https,那也可以通过rewrite方式实现
如下示例,假定https://www.site1.org/user目录下包含敏感信息,按可按如下方式rewrite
location ^~ /user {
rewrite ^/ https://www.site1.org$request_uri? permanent;
}
全站https
server {
listen 80;
server_name site1.orag www.site1.org;
access_log /var/log/nginx/http-access.log;
error_log /var/log/nginx/http-error.log;
rewrite ^/ https://www.site1.org$request_uri;
}
上述演示略
本作品采用 知识共享署名-相同方式共享 4.0 国际许可协议 进行许可。