Rewrite Rule in Nginx to Block a Specific URL - nginx

I would like to block a specific URL from being access and return a 444 Error.
Example:
if ( $request_uri ~ https://subdomain.domain.com/abc/xyzdirector/login.do ) {
return 444;
}
Now this works fine, the issue is if I type the following URL in my browser and change ANY of the capitalization in the sub-directories, it does not work:
Example:
https://subdomain.domain.com/ABC/xyzdirector/login.d
https://subdomain.domain.com/abc/XYZdirector/login.d
https://subdomain.domain.com/abc/xyzdirecTOR/login.d
https://subdomain.domain.com/Abc/XyzDirector/login.d
When I do this, the url gets forwarded and servered.
How do I block this?

You want a case-insensitive regex location:
location ~* ^/abc/xyzdirector/login\.do$ {
return 444;
}
If you have any other regex locations in your config, make sure you put this one above any others that may match this url.

Related

how to make nginx location match path both with slash and without slash?

currently i have this location in my nginx file, it does not work with http://mydomain/ab/cd. How can i make the browser to go to the same page when user type both http://mydomain/ab/cd and http://mydomain/ab/cd/?
location /ab/cd/ {
}
The fastest, in terms of performance, is simply two exact locations:
location = /ab/cd {
...
}
location = /ab/cd/ {
...
}
You can try
location ~* ^/ab/cd(|\/) {...}
It is a prefix matching regex that checks if it has trailing slash or not.

Nginx location block with if but where is the else?

Need to redirect a url with variable to another domain name. The following code works when it matches but fails when it does not match.
For example it works when the request is https://old.example.com/test/place?id=2
Fails when the request is for https://old.example.com/test/place?id=1
Need https://old.example.com/test/place?id=1 to just pass through and only catch id=2.
What is missing in the configuration? What did I miss?
location = /test/place {
if ($request_uri ~ ^/test/place\?id=2) {
return 301 https://new.example.com/test/place?id=2;
}
}
Found the solution with the help from the nginx mailing list member, Patrick. Here is the link to the conversation.
The mailing list link to the solution
The final solution is as follows.
if ( $request_uri = "/test/place?id=2" ) {
rewrite ^ https://new.example.com${uri}?${args}? last;
}

Nginx rewtire question mark

I use Windows 7 for developing web sites. Now I have a problem on rewrite an url. Try to change a question mark to an underscore, but nothings seems to work.
location /site/ {
rewrite "^skript.php([?]{1})(.*)$" skript.php_$2;
}
Url should be "skript.php_$args.
Solution needed.
The ? is the delimiter for the query string. The rewrite and location directives use a normalised URI which already has the query string removed and placed into $args.
There are a number of ways to append _$args to the URI, depending on what you are trying to achieve. For example:
location = /foo.php {
rewrite ^ $uri_$args?;
}
Or:
location = /foo.php {
return 301 $uri_$args;
}
Or:
rewrite ^/foo.php$ $uri_$args?;
See this and this for details.

Nginx rewrite: how to change URL from dynamic to static

I'm configuring nginx as reverse proxy.
I need to change (rewrite?) the URLs, example: when the request (to nginx Reverse Proxy) is "http://example.com/test/?username=test1;password=passwdtest1" it will must "modified" to the main server as "http://example.com/test/?username=production;password=passwdproduction1".
Consider that in the original request the fields "username=test1;password=passwdtest1" are not always the same (they changes), instead the "modified" to the main server are always the same.
Others example to be more clear:
"/test/?username=test1;password=passwdtest1" -> "/test/?username=production;password=passwdproduction1"
"/test/?username=test1876;password=somepasswd" -> "/test/?username=production;password=passwdproduction1"
"/test/?username=somevalues;password=somepasswdvalue" -> "/test/?username=production;password=passwdproduction1"
So, independently to what are the values of "?username=somevalues;password=somepasswdvalue" it should always become "?username=production;password=passwdproduction1".
Thanks for your help!
A little late on the answer but this should work for you:
location ~* /test/? {
if ($arg_username ~ "^$|\s+") { return 404; }
if ($arg_password ~ "^$|\s+") { return 404; }
rewrite ^ /test?username=production&password=passwdproduction1? permanent;
}
The code above checks if it is within the example.com/test path. If it is it will check if the user name or the password variable are present and not empty in the query string. In case if any isn't present or is empty it will return a 404 else it will redirect you to the preferred url.
By the way, instead of the semicolon in your example urls I would use an ampersand (&).

Return with changing number in source url

When user visits:
/profile.php?mode=viewprofile&u=[NUMBER FROM 1 TO 4000]
I want nginx to return:
/memberlist.php?mode=viewprofile&u=[SAME NUMBER]
How can I do it? Thank you for help.
The problem is that you need to match /profile.php and mode=viewprofile which is not trivial nginx. There are a number of ways to achieve it.
You could replicate the location ~\.php$ block and add the conditional redirection there:
location = /profile.php {
if ($arg_mode = viewprofile) {
return 301 /memberlist.php?$args;
}
... # add location ~\.php$ stuff here
}
Alternatively, check the $request_uri (which contains the original URI including query string), early in the server block:
if ($request_uri ~ "^/profile\.php\?mode=viewprofile&") {
return 301 /memberlist.php?$args;
}
See this caution on the use of the if statement.

Resources