Tag: Nginx

Let’s Encrypt+Apache虚拟主机上设置

Apache在生成证书后也需要修改一下apache的配置文件 /usr/local/apache/conf/httpd.conf ,查找httpd-ssl将前面的#去掉。
然后再执行:
Apache 2.2如下:

cat >/usr/local/apache/conf/extra/httpd-ssl.conf<<EOF
Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl

SSLCipherSuite EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5
SSLProxyCipherSuite EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5
SSLHonorCipherOrder on

SSLProtocol all -SSLv2 -SSLv3
SSLProxyProtocol all -SSLv2 -SSLv3
SSLPassPhraseDialog builtin

SSLSessionCache "shmcb:/usr/local/apache/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300

SSLMutex "file:/usr/local/apache/logs/ssl_mutex"

SSLStrictSNIVHostCheck on
NameVirtualHost *:443
EOF

Apache 2.4如下:

cat >/usr/local/apache/conf/extra/httpd-ssl.conf<<EOF
Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl

SSLCipherSuite EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5
SSLProxyCipherSuite EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5
SSLHonorCipherOrder on

SSLProtocol all -SSLv2 -SSLv3
SSLProxyProtocol all -SSLv2 -SSLv3
SSLPassPhraseDialog builtin

SSLSessionCache "shmcb:/usr/local/apache/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300

Mutex sysvsem default

SSLStrictSNIVHostCheck on
EOF

并在对应apache虚拟主机配置文件的最后下面添加上SSL部分的配置文件:

<VirtualHost *:443>
	DocumentRoot /home/wwwroot/www.xiaokyun.com   #网站目录
	ServerName www.xiaokyun.com:443   #域名
	ServerAdmin admin@xiaokyun.com      #邮箱
	ErrorLog "/home/wwwlogs/www.xiaokyun.com-error_log"   #错误日志
	CustomLog "/home/wwwlogs/www.xiaokyun.com-access_log" common    #访问日志
	SSLEngine on
	SSLCertificateFile /etc/letsencrypt/live/www.xiaokyun.com/fullchain.pem   #改一下里面的域名就行
	SSLCertificateKeyFile /etc/letsencrypt/live/www.xiaokyun.com/privkey.pem    #改一下里面的域名就行

<Directory "/home/wwwroot/www.xiaokyun.com">   #网站目录
	SetOutputFilter DEFLATE
	Options FollowSymLinks
	AllowOverride All
	Order allow,deny
	Allow from all
	DirectoryIndex index.html index.php
</Directory>

</VirtualHost>

需将上述配置根据自己的实际情况修改后,添加到虚拟主机配置文件最后面。注意要重启apache使其实现。
执行:

/etc/init.d/httpd restart

重启Apache使其生效。

Let’s Encrypt+Nginx虚拟主机设置

完整配置如下:

server
{
listen 443 ssl; //如果需要spdy也可以加上,lnmp1.2及其后版本都默认支持spdy,lnmp1.3 nginx 1.9.5以上版本默认支持http2
server_name www.xiaokyun.com; //这里是你的域名
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/www.xiaokyun.com; //网站目录
ssl_certificate /etc/letsencrypt/live/www.xiaokyun.com/fullchain.pem; //前面生成的证书,改一下里面的域名就行,不建议更换路径
ssl_certificate_key /etc/letsencrypt/live/www.xiaokyun.com/privkey.pem; //前面生成的密钥,改一下里面的域名就行,不建议更换路径
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;

include wordpress.conf; //这个是伪静态根据自己的需求改成其他或删除
#error_page 404 /404.html;
location ~ [^/].php(/|$)
{
# comment try_files $uri =404; to enable pathinfo
try_files $uri =404;
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf; //lnmp 1.0及之前版本替换为include fcgi.conf;
#include pathinfo.conf;
}

location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}

location ~ .*.(js|css)?$
{
expires 12h;
}

access_log off;
}

需将上述配置根据自己的实际情况修改后,添加到虚拟主机配置文件最后面。

添加完需要执行:

/etc/init.d/nginx reload

重新载入配置使其生效。

如果需要HSTS,可以加上

add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";

Nginx Rewrite (常用伪静态规则)

WordPress:

location / {
index index.html index.php;
if (-f $request_filename/index.html){
rewrite (.*) $1/index.html break;
}
if (-f $request_filename/index.php){
rewrite (.*) $1/index.php;
}
if (!-f $request_filename){
rewrite (.*) /index.php;
}
}

WordPress在二级目录:

location /wp {
if (-f $request_filename/index.php) {
rewrite (.*) $1/index.php;
}
if (!-f $request_filename){
rewrite ^/wp/(.*)$ /wp/index.php;
}
}

里面的wp改成你的二级目录名称

PHPCMS:

location / {
rewrite ^/caipu-([0-9]+)-([0-9]+)-([0-9]+).html /index.php?m=content&c=index&a=show&catid=$1&id=$2&page=$3 last;
rewrite ^/content-([0-9]+)-([0-9]+)-([0-9]+).html /index.php?m=content&c=index&a=show&catid=$1&id=$2&page=$3 last;
rewrite ^/list-([0-9]+)-([0-9]+).html /index.php?m=content&c=index&a=lists&catid=$1&page=$2 last;
rewrite ^/tag-([^.]*)-([0-9]+)-([0-9]+).html /index.php?m=content&c=tag&catid=$2&tag=$1&page=$3 last;
rewrite ^/comment-([0-9]+)-([0-9]+)-([0-9]+).html /index.php?m=comment&c=index&a=init&commentid=content_$1-$2-$3 last;
rewrite ^/([^.]*).html /index.php?m=member&c=index&a=$1 last;
}

ECSHOP:

if (!-e $request_filename)
{
rewrite "^/index.html" /index.php last;
rewrite "^/category$" /index.php last;
rewrite "^/feed-c([0-9]+).xml$" /feed.php?cat=$1 last;
rewrite "^/feed-b([0-9]+).xml$" /feed.php?brand=$1 last;
rewrite "^/feed.xml$" /feed.php last;
rewrite "^/category-([0-9]+)-b([0-9]+)-min([0-9]+)-max([0-9]+)-attr([^-]*)-([0-9]+)-(.+)-([a-zA-Z]+)(.*).html$" /category.php?id=$1&brand=$2&price_min=$3&price_max=$4&filter_attr=$5&page=$6&sort=$7&order=$8 last;
rewrite "^/category-([0-9]+)-b([0-9]+)-min([0-9]+)-max([0-9]+)-attr([^-]*)(.*).html$" /category.php?id=$1&brand=$2&price_min=$3&price_max=$4&filter_attr=$5 last;
rewrite "^/category-([0-9]+)-b([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+)(.*).html$" /category.php?id=$1&brand=$2&page=$3&sort=$4&order=$5 last;
rewrite "^/category-([0-9]+)-b([0-9]+)-([0-9]+)(.*).html$" /category.php?id=$1&brand=$2&page=$3 last;
rewrite "^/category-([0-9]+)-b([0-9]+)(.*).html$" /category.php?id=$1&brand=$2 last;
rewrite "^/category-([0-9]+)(.*).html$" /category.php?id=$1 last;
rewrite "^/goods-([0-9]+)(.*).html" /goods.php?id=$1 last;
rewrite "^/article_cat-([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+)(.*).html$" /article_cat.php?id=$1&page=$2&sort=$3&order=$4 last;
rewrite "^/article_cat-([0-9]+)-([0-9]+)(.*).html$" /article_cat.php?id=$1&page=$2 last;
rewrite "^/article_cat-([0-9]+)(.*).html$" /article_cat.php?id=$1 last;
rewrite "^/article-([0-9]+)(.*).html$" /article.php?id=$1 last;
rewrite "^/brand-([0-9]+)-c([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+).html" /brand.php?id=$1&cat=$2&page=$3&sort=$4&order=$5 last;
rewrite "^/brand-([0-9]+)-c([0-9]+)-([0-9]+)(.*).html" /brand.php?id=$1&cat=$2&page=$3 last;
rewrite "^/brand-([0-9]+)-c([0-9]+)(.*).html" /brand.php?id=$1&cat=$2 last;
rewrite "^/brand-([0-9]+)(.*).html" /brand.php?id=$1 last;
rewrite "^/tag-(.*).html" /search.php?keywords=$1 last;
rewrite "^/snatch-([0-9]+).html$" /snatch.php?id=$1 last;
rewrite "^/group_buy-([0-9]+).html$" /group_buy.php?act=view&id=$1 last;
rewrite "^/auction-([0-9]+).html$" /auction.php?act=view&id=$1 last;
rewrite "^/exchange-id([0-9]+)(.*).html$" /exchange.php?id=$1&act=view last;
rewrite "^/exchange-([0-9]+)-min([0-9]+)-max([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+)(.*).html$" /exchange.php?cat_id=$1&integral_min=$2&integral_max=$3&page=$4&sort=$5&order=$6 last;
rewrite ^/exchange-([0-9]+)-([0-9]+)-(.+)-([a-zA-Z]+)(.*).html$" /exchange.php?cat_id=$1&page=$2&sort=$3&order=$4 last;
rewrite "^/exchange-([0-9]+)-([0-9]+)(.*).html$" /exchange.php?cat_id=$1&page=$2 last;
rewrite "^/exchange-([0-9]+)(.*).html$" /exchange.php?cat_id=$1 last;
}

SHOPEX:

location / {
if (!-e $request_filename) {
rewrite ^/(.+.(html|xml|json|htm|php|jsp|asp|shtml))$ /index.php?$1 last;
}
}

SaBlog 2.0:(感谢追寻36[正冰]博客提供)

# 只带月份的归档
rewrite "^/date/([0-9]{6})/?([0-9]+)?/?$" /index.php?action=article&setdate=$1&page=$2 last;
# 无分类翻页
rewrite ^/page/([0-9]+)?/?$ /index.php?action=article&page=$1 last;
# 分类
rewrite ^/category/([0-9]+)/?([0-9]+)?/?$ /index.php?action=article&cid=$1&page=$2 last;
rewrite ^/category/([^/]+)/?([0-9]+)?/?$ /index.php?action=article&curl=$1&page=$2 last;
# 归档、高级搜索
rewrite ^/(archives|search|article|links)/?$ /index.php?action=$1 last;
# 全部评论、标签列表、引用列表 带分页
rewrite ^/(comments|tagslist|trackbacks|article)/?([0-9]+)?/?$ /index.php?action=$1&page=$2 last;
# tags
rewrite ^/tag/([^/]+)/?([0-9]+)?/?$ /index.php?action=article&item=$1&page=$2 last;
# 文章
rewrite ^/archives/([0-9]+)/?([0-9]+)?/?$ /index.php?action=show&id=$1&page=$2 last;
# RSS rewrite ^/rss/([0-9]+)?/?$ /rss.php?cid=$1 last;
rewrite ^/rss/([^/]+)/?$ /rss.php?url=$1 last;
# 用户 rewrite ^/uid/([0-9]+)/?([0-9]+)?/?$ /index.php?action=article&uid=$1&page=$2 last;
rewrite ^/user/([^/]+)/?([0-9]+)?/?$ /index.php?action=article&user=$1&page=$2 last;
# 地图文件
rewrite sitemap.xml sitemap.php last;
# 自定义链接
rewrite ^(.*)/([0-9a-zA-Z-_]+)/?([0-9]+)?/?$ $1/index.php?action=show&alias=$2&page=$3 last;

Discuz 7:

rewrite ^/archiver/((fid|tid)-[w-]+.html)$ /archiver/index.php?$1 last;
rewrite ^/forum-([0-9]+)-([0-9]+).html$ /forumdisplay.php?fid=$1&page=$2 last;
rewrite ^/thread-([0-9]+)-([0-9]+)-([0-9]+).html$ /viewthread.php?tid=$1&extra=page%3D$3&page=$2 last;
rewrite ^/space-(username|uid)-(.+).html$ /space.php?$1=$2 last;
rewrite ^/tag-(.+).html$ /tag.php?name=$1 last;

Discuz X:

location / {
rewrite ^([^.]*)/topic-(.+).html$ $1/portal.php?mod=topic&topic=$2 last;
rewrite ^([^.]*)/article-([0-9]+)-([0-9]+).html$ $1/portal.php?mod=view&aid=$2&page=$3 last;
rewrite ^([^.]*)/forum-(w+)-([0-9]+).html$ $1/forum.php?mod=forumdisplay&fid=$2&page=$3 last;
rewrite ^([^.]*)/thread-([0-9]+)-([0-9]+)-([0-9]+).html$ $1/forum.php?mod=viewthread&tid=$2&extra=page%3D$4&page=$3 last;
rewrite ^([^.]*)/group-([0-9]+)-([0-9]+).html$ $1/forum.php?mod=group&fid=$2&page=$3 last;
rewrite ^([^.]*)/space-(username|uid)-(.+).html$ $1/home.php?mod=space&$2=$3 last;
rewrite ^([^.]*)/([a-z]+)-(.+).html$ $1/$2.php?rewrite=$3 last;
if (!-e $request_filename) {
return 404;
}
}

Typecho:

location / {
index index.html index.php;
if (-f $request_filename/index.html){
rewrite (.*) $1/index.html break;
}
if (-f $request_filename/index.php){
rewrite (.*) $1/index.php;
}
if (!-f $request_filename){
rewrite (.*) /index.php;
}
}

PHPWind:

location / {
rewrite ^(.*)-htm-(.*)$ $1.php?$2 last;
rewrite ^(.*)/simple/([a-z0-9_]+.html)$ $1/simple/index.php?$2 last;
}

DEDECMS:

location / {
rewrite "^/index.html$" /index.php last;
rewrite "^/list-([0-9]+).html$" /plus/list.php?tid=$1 last;
rewrite "^/list-([0-9]+)-([0-9]+)-([0-9]+).html$" /plus/list.php?tid=$1&totalresult=$2&PageNo=$3 last;
rewrite "^/view-([0-9]+)-1.html$" /plus/view.php?arcID=$1 last;
rewrite "^/view-([0-9]+)-([0-9]+).html$" /plus/view.php?aid=$1&pageno=$2 last;
rewrite "^/tags.html$" /tags.php last;
rewrite "^/tag-([0-9]+)-([0-9]+).html$" /tags.php?/$1/$2/ last;
break;
}

Nginx Url Rewrite

Nginx Rewrite规则相关指令
Nginx Rewrite规则相关指令有if、rewrite、set、return、break等,其中rewrite是最关键的指令。一个简单的Nginx Rewrite规则语法如下:

rewrite ^/b/(.*).html /play.php?video=$1 break;

如果加上if语句,示例如下:

if (!-f $request_filename)
rewrite ^/img/(.*)$ /site/$host/images/$1 last;

Nginx与Apache的Rewrite规则实例对比

简单的Nginx和Apache 重写规则区别不大,基本上能够完全兼容。例如:

Apache Rewrite 规则:

RewriteRule ^/(mianshi|xianjing)/$ /zl/index.php?name=$1 [L]
RewriteRule ^/ceshi/$ /zl/ceshi.php [L]
RewriteRule ^/(mianshi)_([a-zA-Z]+)/$ /zl/index.php?name=$1_$2 [L]
RewriteRule ^/pingce([0-9]*)/$ /zl/pingce.php?id=$1 [L]

Nginx Rewrite 规则:

rewrite ^/(mianshi|xianjing)/$ /zl/index.php?name=$1 last;
rewrite ^/ceshi/$ /zl/ceshi.php last;
rewrite ^/(mianshi)_([a-zA-Z]+)/$ /zl/index.php?name=$1_$2 last;
rewrite ^/pingce([0-9]*)/$ /zl/pingce.php?id=$1 last;

由以上示例可以看出,Apache的Rewrite规则改为Nginx的Rewrite规则,其实很简单:Apache的RewriteRule指令换成Nginx的rewrite指令,Apache的[L]标记换成Nginx的last标记,中间的内容不变。

如果Apache的Rewrite规则改为Nginx的Rewrite规则后,使用nginx -t命令检查发现nginx.conf配置文件有语法错误,那么可以尝试给条件加上引号。例如一下的Nginx Rewrite规则会报语法错误:

rewrite ^/([0-9]{5}).html$ /x.jsp?id=$1 last;

加上引号就正确了:

rewrite “^/([0-9]{5}).html$” /x.jsp?id=$1 last;

Apache与Nginx的Rewrite规则在URL跳转时有细微的区别:

Apache Rewrite 规则:

RewriteRule ^/html/tagindex/([a-zA-Z]+)/.*$ /$1/ [R=301,L]

Nginx Rewrite 规则:

rewrite ^/html/tagindex/([a-zA-Z]+)/.*$ http://$host/$1/ permanent;

以上示例中,我们注意到,Nginx Rewrite 规则的置换串中增加了“http://$host”,这是在Nginx中要求的。

另外,Apache与Nginx的Rewrite规则在变量名称方面也有区别,例如:

Apache Rewrite 规则:

RewriteRule ^/user/login/$ /user/login.php?login=1&forward=http://%{HTTP_HOST} [L]

Nginx Rewrite 规则:

rewrite ^/user/login/$ /user/login.php?login=1&forward=http://$host last;

Apache与Nginx Rewrite 规则的一些功能相同或类似的指令、标记对应关系:

Apache的RewriteCond指令对应Nginx的if指令;
Apache的RewriteRule指令对应Nginx的rewrite指令;
Apache的[R]标记对应Nginx的redirect标记;
Apache的[P]标记对应Nginx的last标记;
Apache的[R,L]标记对应Nginx的redirect标记;
Apache的[P,L]标记对应Nginx的last标记;
Apache的[PT,L]标记对应Nginx的last标记;

允许指定的域名访问本站,其他域名一律跳转到http://www.aaa.com

Apache Rewrite 规则:

RewriteCond %{HTTP_HOST} ^(.*?).xiaokyun.com$
RewriteCond %{HTTP_HOST} !^qita.xiaokyun.com$
RewriteCond %{DOCUMENT_ROOT}/market/%1/index.htm -f
RewriteRule ^/wu/$ /market/%1/index.htm [L]

Nginx的if指令不支持嵌套,也不支持AND、OR等多条件匹配,相比于Apache的RewriteCond,显得麻烦一些,但是,我们可以通过下一页的Nginx配置写法来实现这个示例:

Nginx Rewrite 规则:

if ($host ~* ^(.*?).xiaokyun.com$) set $var_wupin_city $1;
set $var_wupin ‘1′;

if ($host ~* ^qita.xiaokyun.com$)
set $var_wupin ‘0′;

if (!-f $document_root/market/$var_wupin_city/index.htm)
set $var_wupin ‘0′;

if ($var_wupin ~ ‘1′)
rewrite ^/wu/$ /market/$var_wupin_city/index.htm last;
}

rewrite 的语法

语法: rewrite regex replacement flag

默认: none

作用域: server, location, if

This directive changes URI in accordance with the regular expression and the replacement string. Directives are carried out in order of appearance in the configuration file.

这个指令根据表达式来更改URI,或者修改字符串。指令根据配置文件中的顺序来执行。

Be aware that the rewrite regex only matches the relative path instead of the absolute URL. If you want to match the hostname, you should use an if condition, like so:

注意重写表达式只对相对路径有效。如果你想配对主机名,你应该使用if语句。

rewrite只是会改写路径部分的东东,不会改动用户的输入参数,因此这里的if规则里面,你无需关心用户在浏览器里输入的参数,rewrite后会自动添加的,因此,我们只是加上了一个?号和后面我们想要的一个小小的参数 ***https=1就可以了。

nginx的rewrite规则参考:

~ 为区分大小写匹配
~* 为不区分大小写匹配
!~和!~*分别为区分大小写不匹配及不区分大小写不匹

-f和!-f用来判断是否存在文件
-d和!-d用来判断是否存在目录
-e和!-e用来判断是否存在文件或目录
-x和!-x用来判断文件是否可执行

last 相当于Apache里的[L]标记,表示完成rewrite,呵呵这应该是最常用的
break 终止匹配, 不再匹配后面的规则
redirect 返回302临时重定向 地址栏会显示跳转后的地址
permanent 返回301永久重定向 地址栏会显示跳转后的地址

$args
$content_length
$content_type
$document_root
$document_uri
$host
$http_user_agent
$http_cookie
$limit_rate
$request_body_file
$request_method
$remote_addr
$remote_port
$remote_user
$request_filename
$request_uri
$query_string
$scheme
$server_protocol
$server_addr
$server_name
$server_port
$uri

结合QeePHP的例子

if (!-d $request_filename) {
rewrite ^/([a-z-A-Z]+)/([a-z-A-Z]+)/?(.*)$ /index.php?namespace=user&amp;controller=$1&amp;action=$2&amp;$3 last;
rewrite ^/([a-z-A-Z]+)/?$ /index.php?namespace=user&amp;controller=$1 last;
break;

多目录转成参数
abc.xiaokyun.com/sort/2 => abc.xiaokyun.com/index.php?act=sort&name=abc&id=2

if ($host ~* (.*).xiaokyun.com) {
set $sub_name $1;
rewrite ^/sort/(d+)/?$ /index.php?act=sort&cid=$sub_name&id=$1 last;
}

目录对换
/123456/xxxx -> /xxxx?id=123456

rewrite ^/(d+)/(.+)/ /$2?id=$1 last;

例如下面设定nginx在用户使用ie的使用重定向到/nginx-ie目录下:

if ($http_user_agent ~ MSIE) {
rewrite ^(.*)$ /nginx-ie/$1 break;
}

目录自动加“/”

if (-d $request_filename){
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}

禁止htaccess

location ~/.ht {
deny all;
}

禁止多个目录

location ~ ^/(cron|templates)/ {
deny all;
break;
}

禁止以/data开头的文件
可以禁止/data/下多级目录下.log.txt等请求;

location ~ ^/data {
deny all;
}

禁止单个目录
不能禁止.log.txt能请求

location /searchword/cron/ {
deny all;
}

禁止单个文件

location ~ /data/sql/data.sql {
deny all;
}

给favicon.ico和robots.txt设置过期时间;
这里为favicon.ico为99天,robots.txt为7天并不记录404错误日志

location ~(favicon.ico) {
log_not_found off;
expires 99d;
break;
}

location ~(robots.txt) {
log_not_found off;
expires 7d;
break;
}

设定某个文件的过期时间;这里为600秒,并不记录访问日志

location ^~ /html/scripts/loadhead_1.js {
access_log off;
root /opt/lampp/htdocs/web;
expires 600;
break;
}

文件反盗链并设置过期时间
这里的return 412 为自定义的http状态码,默认为403,方便找出正确的盗链的请求
“rewrite ^/ http://leech.xiaokyun.com/leech.gif;”显示一张防盗链图片
“access_log off;”不记录访问日志,减轻压力
“expires 3d”所有文件3天的浏览器缓存

location ~* ^.+.(jpg|jpeg|gif|png|swf|rar|zip|css|js)$ {
valid_referers none blocked *.test.xiaokyun.com *.app.xiaokyun.com localhost 208.97.167.194;
if ($invalid_referer) {
rewrite ^/ http://leech.xiaokyun.com/leech.gif;
return 412;
break;
}
access_log off;
root /opt/lampp/htdocs/web;
expires 3d;
break;
}

只充许固定ip访问网站,并加上密码

root /opt/htdocs/www;
allow 208.97.167.194;
allow 222.33.1.2;
allow 231.152.49.4;
deny all;
auth_basic “C1G_ADMIN”;
auth_basic_user_file htpasswd;

将多级目录下的文件转成一个文件,增强seo效果
/job-123-456-789.html 指向/job/123/456/789.html

rewrite ^/job-([0-9]+)-([0-9]+)-([0-9]+).html$ /job/$1/$2/jobshow_$3.html last;

将根目录下某个文件夹指向2级目录
如/shanghaijob/ 指向 /area/shanghai/
如果你将last改成permanent,那么浏览器地址栏显是/location/shanghai/

rewrite ^/([0-9a-z]+)job/(.*)$ /area/$1/$2 last;

上面例子有个问题是访问/shanghai 时将不会匹配

rewrite ^/([0-9a-z]+)job$ /area/$1/ last;
rewrite ^/([0-9a-z]+)job/(.*)$ /area/$1/$2 last;

这样/shanghai 也可以访问了,但页面中的相对链接无法使用,
如./list_1.html真实地址是/area/shanghia/list_1.html会变成/list_1.html,导至无法访问。

那我加上自动跳转也是不行咯
(-d $request_filename)它有个条件是必需为真实目录,而我的rewrite不是的,所以没有效果

if (-d $request_filename){
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
}

知道原因后就好办了,让我手动跳转吧

rewrite ^/([0-9a-z]+)job$ /$1job/ permanent;
rewrite ^/([0-9a-z]+)job/(.*)$ /area/$1/$2 last;

文件和目录不存在的时候重定向:

if (!-e $request_filename) {
proxy_pass http://127.0.0.1;
}

域名跳转

server
{
listen 80;
server_name jump.xiaokyun.com;
index index.html index.htm index.php;
root /opt/lampp/htdocs/www;
rewrite ^/ http://www.xiaokyun.com/;
access_log off;
}

多域名转向

server_name www.test.xiaokyun.com/ www.xiaokyun.com/;
index index.html index.htm index.php;
root /opt/lampp/htdocs;
if ($host ~ “c1gstudio.net”) {
rewrite ^(.*) http://www.test.xiaokyun.com$1/ permanent;
}

三级域名跳转

if ($http_host ~* “^(.*).i.xiaokyun.com$”) {
rewrite ^(.*) http://top.xiaokyun.com$1/;
break;
}

域名镜向

server
{
listen 80;
server_name mirror.test.xiaokyun.com;
index index.html index.htm index.php;
root /opt/lampp/htdocs/www;
rewrite ^/(.*) http://www.xiaokyun.com/$1 last;
access_log off;
}

某个子目录作镜向

location ^~ /zhaopinhui {
rewrite ^.+ http://zph.xiaokyun.com/ last;
break;
}

discuz ucenter home (uchome) rewrite

rewrite ^/(space|network)-(.+).html$ /$1.php?rewrite=$2 last;
rewrite ^/(space|network).html$ /$1.php last;
rewrite ^/([0-9]+)$ /space.php?uid=$1 last;

discuz 7 rewrite

rewrite ^(.*)/archiver/((fid|tid)-[w-]+.html)$ $1/archiver/index.php?$2 last;
rewrite ^(.*)/forum-([0-9]+)-([0-9]+).html$ $1/forumdisplay.php?fid=$2&page=$3 last;
rewrite ^(.*)/thread-([0-9]+)-([0-9]+)-([0-9]+).html$ $1/viewthread.php?tid=$2&extra=page%3D$4&page=$3 last;
rewrite ^(.*)/profile-(username|uid)-(.+).html$ $1/viewpro.php?$2=$3 last;
rewrite ^(.*)/space-(username|uid)-(.+).html$ $1/space.php?$2=$3 last;
rewrite ^(.*)/tag-(.+).html$ $1/tag.php?name=$2 last;

给discuz某版块单独配置域名

server_name bbs.test.xiaokyun.com news.test.xiaokyun.com;

location = / {
if ($http_host ~ news.xiaokyun.com$) {
rewrite ^.+ http://news.xiaokyun.com/forum-831-1.html last;
break;
}
}

discuz ucenter 头像 rewrite 优化

location ^~ /ucenter {
location ~ .*.php?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}

location /ucenter/data/avatar {
log_not_found off;
access_log off;
location ~ /(.*)_big.jpg$ {
error_page 404 /ucenter/images/noavatar_big.gif;
}
location ~ /(.*)_middle.jpg$ {
error_page 404 /ucenter/images/noavatar_middle.gif;
}
location ~ /(.*)_small.jpg$ {
error_page 404 /ucenter/images/noavatar_small.gif;
}
expires 300;
break;
}
}

jspace rewrite

location ~ .*.php?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}

location ~* ^/index.php/
{
rewrite ^/index.php/(.*) /index.php?$1 break;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}

apache-nginx-url-rewrite-convert

Apache(.htaccess):

RewriteEngine On
RewriteBase /
RewriteRule ^()$ index.php [NC,L]
Rewritecond %{REQUEST_URI} !(^/?.*..*$) [NC]
RewriteRule (.*)$ $1.php [NC]

nginx:

location / {
root /htdocs/;
index index.php index.html index.htm;
rewrite ^/()$ /index.php last;
rewrite /(.*)$ /$1.php;
}