|
1.Nginx Rewrite 基本标记(flags) last - 基本上都用这个Flag。 break - 中止Rewirte,不在继续匹配 redirect - 返回临时重定向的HTTP状态302 permanent - 返回永久重定向的HTTP状态301 2. 正则表达式匹配 * ~ 为区分大小写匹配 * ~* 为不区分大小写匹配 * !~和!~*分别为区分大小写不匹配及不区分大小写不匹配3. 文件及目录匹配 * -f和!-f用来判断是否存在文件 * -d和!-d用来判断是否存在目录 * -e和!-e用来判断是否存在文件或目录 * -x和!-x用来判断文件是否可执行4.Nginx 的一些可用的全局变量,可用做条件判断: $args $content_length $content_type $document_root $document_uri $host $http_user_agent $http_cookie $limit_rate $request_body_file $request_method $remote_addr $remote_port $remote_user $request_filename $request_uri $query_string $scheme $server_protocol $server_addr $server_name $server_port $uri 二.Nginx Redirect 将所有linuxtone.org与abc.linuxtone.org域名全部自跳转到[url=http://www.linuxtone.org/]http://www.linuxtone.org代码: server { listen 80; server_name linuxtone.org abc.linuxtone.org; index index.html index.php; root /data/www/wwwroot; if ($http_host !~ "^www\.linxtone\.org$") { rewrite ^(.*) http://www.linuxtone.org$1 redirect; } ........................ } 三.Nginx 目录自动加斜线:代码: if (-d $request_filename){ rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent; } 四.Nginx 防盗链代码: #Preventing hot linking of images and other file types location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip)$ { valid_referers none blocked server_names *.linuxtone.org http://localhost baidu.com; if ($invalid_referer) { rewrite ^/ ; # return 403; } }五.Nginx expires 1. 根据文件类型expires # Add expires header for static content location ~* \.(js|css|jpg|jpeg|gif|png|swf)$ { if (-f $request_filename) { root /data/www/wwwroot/bbs; expires 1d; break; } } 2.根据判断某个目录 # serve static files location ~ ^/(images|javascript|js|css|flash|media|static)/ { root /data/www/wwwroot/down; expires 30d; } 五.Nginx 访问控制 1.Nginx 身份证验证 #cd /usr/local/nginx/conf #mkdir htpasswd /usr/local/apache2/bin/htpasswd -c /usr/local/nginx/conf/htpasswd/tongji linuxtone #添加用户名为linuxtone New password: (此处输入你的密码) Re-type new password: (再次输入你的密码) Adding password for user http://count.linuxtone.org/tongji/data/index.html(目录存在/data/www/wwwroot/tongji/data/目录下) 将下段配置放到虚拟主机目录,当访问http://count.linuxtone/tongji/即提示要密验证: location ~ ^/(tongji)/ { root /data/www/wwwroot/count; auth_basic "LT-COUNT-TongJi"; auth_basic_user_file /usr/local/nginx/conf/htpasswd/tongji; }2.Nginx 禁止访问某类型的文件. 如,Nginx下禁止访问*.txt文件,配置方法如下.代码: location ~* \.(txt|doc)$ { if (-f $request_filename) { root /data/www/wwwroot/linuxtone/test; break; } }方法2:代码: location ~* \.(txt|doc)${ root /data/www/wwwroot/linuxtone/test; deny all; } 禁止访问某个目录代码: location ~ ^/(WEB-INF)/ { deny all; } 3.使用ngx_http_access_module限制ip访问 location / { deny 192.168.1.1; allow 192.168.1.0/24; allow 10.1.1.0/16; deny all; } 详细参见wiki: [url=http://wiki.codemongers.com/NginxHttpAccessModule#allow]http://wiki.codemongers.com/NginxHttpAccessModule#allow 4.Nginx 下载限制并发和速率 limit_zone one $binary_remote_addr 10m; server { listen 80; server_name down.linuxotne.org; index index.html index.htm index.php; root /data/www/wwwroot/down; #Zone limit location / { limit_conn one 1; limit_rate 20k; } .......... }5. Nginx 实现Apache一样目录列表 location / { autoindex on; } 六.Nginx Location 1.基本语法:[和上面rewrite正则匹配语法基本一致 location [=|~|~*|^~] /uri/ { … } * ~ 为区分大小写匹配 * ~* 为不区分大小写匹配 * !~和!~*分别为区分大小写不匹配及不区分大小写不匹配示例1:代码: location = / { # matches the query / only. # 只匹配 / 查询。 } 匹配任何查询,因为所有请求都已 / 开头。但是正则表达式规则和长的块规则将被优先和查询匹配 示例2:代码: location ^~ /images/ { # matches any query beginning with /images/ and halts searching, # so regular expressions will not be checked.# 匹配任何已 /images/ 开头的任何查询并且停止搜索。任何正则表达式将不会被测试。示例3:代码: location ~* \.(gif|jpg|jpeg)$ { # matches any request ending in gif, jpg, or jpeg. However, all # requests to the /images/ directory will be handled by }# 匹配任何已 gif、jpg 或 jpeg 结尾的请求。 (责任编辑:IT) |