# nginx 常用全局变量 | 变量 | 说明 | | :-------- | :----- | |$args |请求中的参数,如www.123.com/1.php?a=1&b=2的$args就是a=1&b=2 | |$content_length |HTTP请求信息里的"Content-Length" | |$conten_type | HTTP请求信息里的"Content-Type" | |$document_root|nginx虚拟主机配置文件中的root参数对应的值| |$document_uri|当前请求中不包含指令的URI,如www.123.com/1.php?a=1&b=2的$document_uri就是1.php,不包含后面的参数| |$host|主机头,也就是域名| |$http_user_agent|客户端的详细信息,也就是浏览器的标识,用curl -A可以指定| |$http_cookie|客户端的cookie信息| |$limit_rate|如果nginx服务器使用limit_rate配置了显示网络速率,则会显示,如果没有设置, 则显示0| |$remote_addr|客户端的公网ip| |$remote_port|客户端的port| |$remote_user|如果nginx有配置认证,该变量代表客户端认证的用户名| |$request_body_file|做反向代理时发给后端服务器的本地资源的名称| |$request_method|请求资源的方式,GET/PUT/DELETE等| |$request_filename|当前请求的资源文件的路径名称,相当于是$document_root/$document_uri的组合| |$request_uri|请求的链接,包括$document_uri和$args| |$scheme|请求的协议,如ftp,http,https| |$server_protocol|客户端请求资源使用的协议的版本,如HTTP/1.0,HTTP/1.1,HTTP/2.0等| |$server_addr|服务器IP地址| |$server_name|服务器的主机名| |$server_port|服务器的端口号| |$uri|和$document_uri相同| |$http_referer|客户端请求时的referer,通俗讲就是该请求是通过哪个链接跳过来的,用curl -e可以指定| ### $args ```bash [root@localhost vhosts]# cat 123.com.conf server { listen 80; server_name 123.com; root /data/wwwroot/123.com; index index.html index.php; rewrite_log on; return 200 $args; } [root@localhost vhosts]# curl -x127.0.0.1:80 123.com/2.html?a=1 a=1 [root@localhost vhosts]# curl -x127.0.0.1:80 123.com/2.html?a=1\&b-2 a=1&b-2 ``` ### $content_length ```bash [root@localhost vhosts]# curl -x127.0.0.1:80 123.com/2.html?a=1\&b-2 -I HTTP/1.1 200 OK Server: nginx/1.23.1 Date: Thu, 18 Aug 2022 03:54:00 GMT Content-Type: text/html Content-Length: 7 Connection: keep-alive ``` ### $document_root ```bash [root@localhost vhosts]# cat 123.com.conf server { listen 80; server_name 123.com; root /data/wwwroot/123.com; index index.html index.php; rewrite_log on; return 200 $document_root; } [root@localhost vhosts]# curl -x127.0.0.1:80 123.com/2.html /data/wwwroot/123.com ``` ### $http_user_agent ```bash [root@localhost vhosts]# cat 123.com.conf server { listen 80; server_name 123.com; root /data/wwwroot/123.com; index index.html index.php; rewrite_log on; return 200 $http_user_agent; } [root@localhost vhosts]# curl -A "fix" -x127.0.0.1:80 123.com/2.html fix ``` ## 实战 ### 域名跳转(域名重定向) #### 不带任何条件 ```bash server{ listen 80; server_name www.aminglinux.com; rewrite /(.*) http://www.aming.com/$1 permanent; ....... } # 测试 [root@localhost vhosts]# cat return.com.conf server { listen 80; server_name return.com; root /data/wwwroot/return.com; index index.html index.php; rewrite /(.*) http://123.com/$1 permanent; } [root@localhost vhosts]# curl -x127.0.0.1:80 return.com/1.html -I HTTP/1.1 301 Moved Permanently Server: nginx/1.23.1 Date: Thu, 18 Aug 2022 04:43:25 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive Location: http://123.com/1.html ``` #### 带条件 ```bash server{ listen 80; server_name www.aminglinux.com aminglinux.com; if ($host != 'www.aminglinux.com') { rewrite /(.*) http://www.aminglinux.com/$1 permanent; } ....... } # 测试 [root@localhost vhosts]# cat return.com.conf server { listen 80; server_name return.com www.return.com; root /data/wwwroot/return.com; index index.html index.php; if ($host != return.com) { rewrite /(.*) http://123.com/$1 permanent; } } [root@localhost vhosts]# curl -x127.0.0.1:80 return.com -I HTTP/1.1 403 Forbidden Server: nginx/1.23.1 Date: Thu, 18 Aug 2022 04:48:31 GMT Content-Type: text/html Content-Length: 153 Connection: keep-alive [root@localhost vhosts]# curl -x127.0.0.1:80 www.return.com -I HTTP/1.1 301 Moved Permanently Server: nginx/1.23.1 Date: Thu, 18 Aug 2022 04:48:38 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive Location: http://123.com/ ``` #### http跳转到https ```bash server{ listen 80; server_name www.aminglinux.com; rewrite /(.*) https://www.aminglinux.com/$1 permanent; ....... } # 测试 [root@localhost vhosts]# cat return.com.conf server { listen 80; server_name return.com www.return.com; root /data/wwwroot/return.com; index index.html index.php; rewrite /(.*) https://retrun.com/$1 permanent; } [root@localhost vhosts]# curl -x127.0.0.1:80 www.return.com -I HTTP/1.1 301 Moved Permanently Server: nginx/1.23.1 Date: Thu, 18 Aug 2022 04:51:39 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive Location: https://retrun.com/ ``` #### 域名访问二级目录 ```bash server{ listen 80; server_name bbs.aminglinux.com; rewrite /(.*) http://www.aminglinux.com/bbs/$1 last; ....... } # 测试 [root@localhost vhosts]# cat return.com.conf server { listen 80; server_name return.com www.return.com; root /data/wwwroot/return.com; index index.html index.php; rewrite /(.*) http://retrun.com/123/$1 permanent; } [root@localhost vhosts]# curl -x127.0.0.1:80 www.return.com/1.html -I HTTP/1.1 301 Moved Permanently Server: nginx/1.23.1 Date: Thu, 18 Aug 2022 04:59:24 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive Location: http://retrun.com/123/1.html ``` #### 静态请求分离 ```bash server{ listen 80; server_name www.aminglinux.com; location ~* ^.+.(jpg|jpeg|gif|css|png|js)$ { rewrite /(.*) http://img.aminglinux.com/$1 permanent; } ....... } #或者: server{ listen 80; server_name www.aminglinux.com; if ( $uri ~* 'jpg|jpeg|gif|css|png|js$') { rewrite /(.*) http://img.aminglinux.com/$1 permanent; } ....... } # 测试 [root@localhost vhosts]# !cat cat return.com.conf server { listen 80; server_name return.com www.return.com; root /data/wwwroot/return.com; index index.html index.php; if ($uri ~* 'jpg|css$') { rewrite /(.*) http://img.123.com/123/$1 permanent; } } [root@localhost vhosts]# curl -x127.0.0.1:80 www.return.com/1.html -I HTTP/1.1 200 OK Server: nginx/1.23.1 Date: Thu, 18 Aug 2022 05:08:56 GMT Content-Type: text/html Content-Length: 9 Last-Modified: Tue, 16 Aug 2022 05:33:08 GMT Connection: keep-alive ETag: "62fb2c14-9" Accept-Ranges: bytes [root@localhost vhosts]# curl -x127.0.0.1:80 www.return.com/1.html.jpg -I HTTP/1.1 301 Moved Permanently Server: nginx/1.23.1 Date: Thu, 18 Aug 2022 05:09:05 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive Location: http://img.123.com/123/1.html.jpg [root@localhost vhosts]# curl -x127.0.0.1:80 www.return.com/1.html.css -I HTTP/1.1 301 Moved Permanently Server: nginx/1.23.1 Date: Thu, 18 Aug 2022 05:09:10 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive Location: http://img.123.com/123/1.html.css ``` ### 防盗链 ```bash server{ listen 80; server_name www.aminglinux.com; location ~* ^.+.(jpg|jpeg|gif|css|png|js|rar|zip|flv)$ { valid_referers none blocked server_names *.aminglinux.com aminglinux.com *.aming.com aming.com; if ($invalid_referer) { rewrite /(.*) http://img.aminglinux.com/images/forbidden.png; } } ....... } #说明:*这里是通配,跟正则里面的*不是一个意思,none指的是referer不存在的情况(curl -e 测试), blocked指的是referer头部的值被防火墙或者代理服务器删除或者伪装的情况, 该情况下,referer头部的值不以http://或者https://开头(curl -e 后面跟的referer不以http://或者https://开头)。 #或者: location ~* ^.+.(jpg|jpeg|gif|css|png|js|rar|zip|flv)$ { valid_referers none blocked server_names *.aminglinux.com *.aming.com aminglinux.com aming.com; if ($invalid_referer) { return 403; } } ``` ### 伪静态 ```bash location / { rewrite ^([^\.]*)/topic-(.+)\.html$ $1/portal.php?mod=topic&topic=$2 last; rewrite ^([^\.]*)/forum-(\w+)-([0-9]+)\.html$ $1/forum.php?mod=forumdisplay&fid=$2&page=$3 last; rewrite ^([^\.]*)/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=viewthread&tid=$2&extra=page%3D$4&page=$3 last; rewrite ^([^\.]*)/group-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=group&fid=$2&page=$3 last; rewrite ^([^\.]*)/space-(username|uid)-(.+)\.html$ $1/home.php?mod=space&$2=$3 last; rewrite ^([^\.]*)/(fid|tid)-([0-9]+)\.html$ $1/index.php?action=$2&value=$3 last; } ``` ### rewrite多个条件的并且 ```bash location /{ set $rule 0; if ($document_uri !~ '^/abc') { set $rule "${rule}1"; } if ($http_user_agent ~* 'ie6|firefox') { set $rule "${rule}2"; } if ($rule = "012") { rewrite /(.*) /abc/$1 redirect; } } ``` -------------------------------------------- ## location ### 安装第三方模块 echo-nginx-module ```bash # 使用git安装模块 yum install -y git # 克隆源码 cd /usr/local/src/ git clone https://github.com/openresty/echo-nginx-module.git #或者下载源码上传到服务器 unzip echo-nginx-module-master.zip # 进入nginx安装目录 cd nginx-1.23.1 # 查看nginx安装目录和已安装模块 nginx -V # 加载第三方模块 ./configure --prefix=/usr/local/nginx --with-http_ssl_module --add-module=/usr/local/src/echo-nginx-module # 编译安装 make && make install # 重启nginx systemctl restart nginx # 验证 server { listen 80; server_name lwz.com; root /data/www; index index.html index.php; location = "/10.html" { echo "10"; } } # 请求 curl -x127.0.0.1:80 lwz.com/10.html 10 ``` ### location语法 nginx location语法规则:`location [=|~|~*|^~] /uri/ { … }` nginx的location匹配的变量是`$uri` |符号|说明| |:--:|:--| |=|表示精确匹配| |^~ |表示uri以指定字符或字符串开头| |~ |表示区分大小写的正则匹配| |~* |表示不区分大小写的正则匹配| |/ |通用匹配,任何请求都会匹配到| **优先级规则** = 高于 ^~ 高于 ~* 等于 ~ 高于 / ```bash location = "/12.jpg" { ... } 如: www.aminglinux.com/12.jpg 匹配 www.aminglinux.com/abc/12.jpg 不匹配 location ^~ "/abc/" { ... } 如: www.aminglinux.com/abc/123.html 匹配 www.aminglinux.com/a/abc/123.jpg 不匹配 location ~ "png" { ... } 如: www.aminglinux.com/aaa/bbb/ccc/123.png 匹配 www.aminglinux.com/aaa/png/123.html 匹配 location ~* "png" { ... } 如: www.aminglinux.com/aaa/bbb/ccc/123.PNG 匹配 www.aminglinux.com/aaa/png/123.html 匹配 location /admin/ { ... } 如: www.aminglinux.com/admin/aaa/1.php 匹配 www.aminglinux.com/123/admin/1.php 不匹配 ``` > 小常识: > 有些资料上介绍location支持不匹配 !~, 如: `location !~ 'png'{ ... }` 这是错误的,location不支持 !~ > 如果有这样的需求,可以通过if来实现, 如: `if ($uri !~ 'png') { ... }` > 注意:location优先级小于if