沉冰浮水

沉冰浮水

做最终到的事,成为最终成为的人!
github
bilibili
mastodon
zhihu
douban
Home作品集Archives

"Notes". Overview of available variables in .htaccess and nginx.conf.

#笔记#Apache#Nginx#折腾112
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
This is a blog post discussing the variables available in the .htaccess and nginx.conf files. It provides a table listing the variables and their explanations. It also includes links to documentation on mod_rewrite in Apache and a tutorial on .htaccess. The post further explains regular expression matching, file and directory matching, and the flag options for the rewrite directive. It also provides examples of using conditions and variables in Nginx configurations to allow access based on user agent or IP address.

Even though my search ability is not low, I still struggle to quickly find many things.

.htaccessnginx.confDescription
%{REQUEST_SCHEME}$schemehttp /https
%{HTTP_HOST}$hostdomain / ip
%{REQUEST_URI}$request_uripart after host/
%{REQUEST_FILENAME}$request_filenameseems to be the same as uri
%{QUERY_STRING}$argsquery string (part after ?)
%{HTTP_USER_AGENT}$http_user_agentclient UA
%{REMOTE_ADDR}$remote_addrvisitor's IP

$scheme://$host/or%{REQUEST_SCHEME}://%{HTTP_HOST}/can directly concatenate the current URL.

mod_rewrite Reference_Apache Chinese Documentation:

https://www.apachehttpd.com/mod/mod_rewrite.html

Htaccess - THE Ultimate .htaccess tutorial with 100's of Examples:

https://www.askapache.com/htaccess/#Htaccess_Variables

I. Regular expression matching, where:

  • ~ is for case-sensitive matching;
  • ~* is for case-insensitive matching;
  • !~ and !~* are for case-sensitive and case-insensitive non-matching, respectively;

II. File and directory matching, where:

  • -f and !-f are used to check if a file exists;
  • -d and !-d are used to check if a directory exists;
  • -e and !-e are used to check if a file or directory exists;
  • -x and !-x are used to check if a file is executable;

III. The last parameter of the rewrite directive is the flag, which can be:

  • last initiates a new request for the rewritten URI, the final effect depends on whether the new request can match another rule; "similar to [L] flag in Apache"
  • break the current directive specifies the final URI;
  • redirect returns a 302 temporary redirect, the browser address will display the redirected URL;
  • permanent returns a 301 permanent redirect, the browser address will display the redirected URL;

In 2022, I just learned that you can't directly use "and" or "or" operations in Nginx configuration?

# Used to view the visiting IP, for testing only
location ~* ^/ip/[\d-]+ {
    # default_type cannot be used inside if
    default_type    text/plain;
    return 200      "${remote_addr}";
}

# Match a certain path
# if ($uri ~* ^/SomePath) {
    # ………………
# }

# -----------------

# Default is 0
set $pass 0;

# Set $pass to 1 if any condition is met;
# equivalent to "or" operation;

# Check UA
if ($http_user_agent ~* Edg/\d+) {
    set $pass 1;
}

# Check IP
if ($remote_addr ~* 172.*) {
    set $pass 1;
}

# Deny access if not equal to 1
if ($pass != 1) {
    return 403;
}

# -----------------

set $flag 0;

# All conditions must be met;
# equivalent to "and" operation;

# Check UA
if ($http_user_agent ~* Edg/\d+) {
    set $flag "${flag}1";
}

# Check IP
if ($remote_addr ~* 172.*) {
    set $flag "${flag}1";
}

# Deny access if the result does not match
if ($flag != "011") {
    return 403;
}

Nginx implementation to only allow search engines or specified IP addresses to access:

# Frozen Ice and Floating Water (wdssmq)
location / {
    set $pass 0;
    # Check UA
    if ($http_user_agent ~* (Baiduspider|YisouSpider|360Spider|HaosouSpider|bingbot|Sosospider|Sosoimagespider|Bytespider|Sogou web spider|Sogou inst spider|Sogou News Spider|Sogou Pic Spider|Sogou Video Spider|Googlebot|Googlebot-Image|AdsBot-Google-Mobile)) {
        set $pass 1;
    }
    # Check IP
    if ($remote_addr ~* (123.123.123.123|192.168.0.\d+)) {
        set $pass 1;
    }
    # Deny access if not equal to 1
    if ($pass != 1) {
        return 403;
    }
    # Other rules for pseudo-static and so on
}
Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.