二級域名:
RewriteCond Host: (?!/.|www|ww)(.*).xiaojudeng.com
RewriteRule (.*) http\://www.xiaojudeng.com/$1$2 [I,R]

防盜鏈:
ISAPI_Rewrite的httpd.ini內容寫的是下面內容,如果你也遇到盜鏈的困擾,建議可以参考一下:

RewriteCond Host: (.+)
RewriteCond Referer: (?!http://(?:www\.xiaojudeng\.com|www\.ifeng\.com|www\.goboyo\.com|www\.soso\.com|www\.google\.com|cache\.baidu\.com)).+
RewriteRule .*\.(?:jpg|kmz|kml|zip) /block.gif [I,O]

注釋:第二行裏面的域名是允許鏈接圖片的網站列表,目前我允許我自己的兩個站和另外bloglines、zhuaxia、google、baidu這四個網站引用我站文件,其他網站的引用被禁止。

  第三行是禁止引用的文件類型,包括jpg圖片、Google Earth的kmz和kml、zip文件。當然,還可以增加其他類型,比如gif、rar等,因为我站沒有那些文件,所以沒有添加上去。

下面是轉載的一點文章,特轉给帥哥看的。

發這個幫助文件是因为在给朋友設置主機的時候發現他們的ISAPI Rewrite的設置都有些不正確,有些甚至阻礙了站點的正常運行。就把官方自帶的英文幫助粗略的翻譯了一下。大家可以自由使用和轉載。但轉載時如果你願意請注明是 藍色 翻譯的版本。

===================
ISAPI Rewrite 配置簡介:

在NT/2000/XP和2003平台上,ISAPI Rewrite在系統帳戶下射入INETINFO進程與 IIS 以共存模式過滤器運行。所以系統帳戶應該给予對ISAPI- REWIRITE DLLS Internet匿名訪問組 可讀可執行權限 和所有的 HTTPD。INI 文件可讀權限,還應該给予系統帳戶對於所有包括 HTTPD。INI 文件的文件夾的可寫權限,這將允許產生 HTTP。 PARSE。ERRORS 日志文件,來記錄配置文件語法錯誤。對於PROXY模塊也需要額外的權限,因为它將運行於連接池或HIGH-ISPLATED 應用模式,IIS帳戶共享池和HIGH-ISOLATION池應被给予對RWHELPERE。DLL的可讀權限。缺省情況下IWAM-《計算機名》被用於所有的池,在相應的COM+應用設置中應借助COM+ADMINISTRATION MMC SNAP-IN建立池帳戶

配置文件格式化:

配置文件分为兩種: GLOBAL(服務器全局模式)和 INDIVIDUAL(站點獨立設置模式)文件,GLOBAL(服務器端全局模式)配置文件應該被放在ISAPI-REWRITE 安裝目錄中,名为 httpd.ini 。這個文件可以通過開始菜單的快捷方式訪問和配置,這個文件裏面的映射規則为全局規則,將針對所有站點起效。INDIVIDUAL(站點獨立設置模式)配置文件應該被放在虛擬站點的根目錄內,也被命名为httpd.ini文件,這裏面應該放置針對站點的映射配置設置,只針對被放置的虛擬站點有效。兩種類型的 httpd.ini 都是標准的windows ini 文件。所有的映射規則應該被放置在 [ISAPI_Rewrite] 之後。之前的文件文本將被忽略。
HTTPD.INI文件示例

[ISAPI_Rewrite]

# This is a comment

# 300 = 5 minutes

CacheClockRate 300

RepeatLimit 20

# 設置其他人沒有下載 httpd.ini 和 httpd.parse.errors 文件的權限

RewriteRule /httpd(?:\.ini|\.parse\.errors) / [F,I,O]

# Block external access to the Helper ISAPI Extension

RewriteRule .*\.isrwhlp / [F,I,O]

# 配置規則

RewriteCond Host: (.+)

RewriteCond 指令

Syntax:(句法) RewriteCond TestVerb CondPattern [Flags]

這一指令定義一個條件規則,在 RewriteRule 或者 RewriteHeader或 RewriteProxy指令前預行RewriteCond指令,後面的規則只有它的,模式匹配URI的當前狀態並且額外的條件也被應用才會被應用。

TestVerb

Specifies verb that will be matched against regular expression.

特別定義的動詞匹配規定的表達式

TestVerb=(URL | METHOD | VERSION | HTTPHeaderName: | %ServerVariable) where:

URL – returns Request-URI of client request as described in RFC 2068 (HTTP 1.1);

返回客戶端在RFC2068中描述的需求的Request-URI

METHOD – returns HTTP method of client request (OPTIONS, GET, HEAD, POST, PUT, Delete or TRACE);

返回客戶端需求(OPTIONS, GET, HEAD, POST, PUT, Delete or TRACE)的HTTP方法

VERSION – returns HTTP version;

返回HTTP版本

HTTPHeaderName – returns value of the specified HTTP header. HTTPHeaderName can be any valid HTTP header name. Header names should include the trailing colon “:”. If specified header does not exists in a client’s request TestVerb is treated as empty string.

返回特定義的HTTP頭文件的值

HTTPHeaderName =

Accept:

Accept-Charset:

Accept-Encoding:

Accept-Language:

Authorization:

Cookie:

From:

Host:

If-Modified-Since:

If-Match:

If-None-Match:

If-Range:

If-Unmodified-Since:

Max-Forwards:

Proxy-Authorization:

Range:

Referer:

User-Agent:

Any-Custom-Header

得到更多的關於HTTP頭文件的和他們的值的信息参考RFC2068

ServerVariable 返回特定義的服務器變量的值 。例如服務器端口,全部服務器變量列表應在IIS文檔中建立,變量名應用%符預定;

CondPattern

The regular expression to match TestVerb

規則表達式匹配TestVerb

[Flags]

Flags is a comma-separated list of the following flags:

O (nOrmalize)

Normalizes string before processing. Normalization includes removing of an URL-encoding, illegal characters, etc. This flag is useful with URLs and URL-encoded headers

RewriteRule 指令

Syntax: RewriteRule Pattern FormatString [Flags]

這個指令可以不止發生一次,每個指令定義一個單獨的重寫規則,這些規則的定義命令很重要,因为這個命令在應用運行時規則是有用途的

I (ignore case)

不管大小寫強行指定字符匹配(http://www.xiaojudeng.com/),這個FLAG影響RewriteRule指令和相應的RewriteCond 指令

F (Forbidden)

對客戶端做反應,停止REWRITING進程並且發送403錯誤,注意在這種情況下FORMATSTRING 是無用的並可以設置为任何非空字符串。

L (last rule)

不應用任何重寫規則在此停止重寫進程,使用這個FLAG以阻止當前被重寫的URI被後面的規則再次重寫

N (Next iteration)

強制REWRITINGENGINE調整規則目標並且從頭重启規則檢查(所有修改將保存),重启次數由RepeatLimit指定的值限制,如果這個數值超過N FLAG將被忽略

NS (Next iteration of the same rule)

以N標記工作不從相同的規則重启規則規則進程(例如強制重复規則應用),通過RepeatLimit指令指定一個反复實行某一規則的最大數目,

P (force proxy)

強制目的URI在內部強制为代理需求並且立即通過ISAPI擴展應付代理需求,必須確認代理字符串是一個有效的URI包括協議主機等等否則代理將返回錯誤

R (explicit redirect)

強制服務器對客戶端發出重定向指示即時應答,提供目的URI的新地址,重定向規則經常是最後規則

RP (permanent redirect)

幾乎和[R]標記相同但是發布301HTTP狀態而不是302HTTP狀態代碼

U (Unmangle Log)

當URI是源需求而不是重寫需求時記載URI

O (nOrmalize)

在實行之前標准化字符串。標准化包括URL-ENCODING,不合法的字符的再移動等,這個標記對於URLS和URLS-ENDODED頭是有用的

CL (Case Lower)

小寫

CU (Case Upper)

大寫

RewriteHeader directive

Syntax: RewriteHeader HeaderName Pattern FormatString [Flags]

這個指令是RewriteRule的更概括化變種,它不僅重寫URL的客戶端需求部分,而且重寫HTTP頭,這個指令不僅用於重寫。生成,刪除任何HTTP頭,甚至改變客戶端請求的方法

HeaderName

指定將被重寫的客戶頭,可取的值與 RewriteCond 指令中TestVerb参數相同

Pattern

限定規則表達式以匹配Request-URI,

FormatString

限定將生成新的URI的FormatString

[Flags]

是一個下列FLAGS的命令分隔列表

I (ignore case)

不管大小寫強行指定字符匹配,這個FLAG影響RewriteRule指令和相應的RewriteCond 指令

F (Forbidden)

對客戶端做反應,停止REWRITING進程並且發送403錯誤,注意在這種情況下FORMATSTRING 是無用的並可以設置为任何非空字符串。

L (last rule)

不應用任何重寫規則在此停止重寫進程,使用這個FLAG以阻止當前被重寫的URI被後面的規則再次重寫

N (Next iteration)

強制REWRITINGENGINE調整規則目標並且從頭重启規則檢查(所有修改將保存),重启次數由RepeatLimit指定的值限制,如果這個數值超過N FLAG將被忽略

NS (Next iteration of the same rule)

以N標記工作不從相同的規則重启規則規則進程(例如強制重复規則應用),通過RepeatLimit指令指定一個反复實行某一規則的最大數目,

R (explicit redirect)

強制服務器對客戶端發出重定向指示即時應答,提供目的URI的新地址,重定向規則經常是最後規則

RP (permanent redirect)

幾乎和[R]標記相同但是發布301HTTP狀態而不是302HTTP狀態代碼

U (Unmangle Log)

當URI是源需求而不是重寫需求時記載URI

O (nOrmalize)

在實行之前標准化字符串。標准化包括URL-ENCODING,不合法的字符的再移動等,這個標記對於URLS和URLS-ENDODED頭是有用的

CL (Case Lower)

小寫

CU (Case Upper)

大寫



要重移動頭,FORMAT STRING模式應該生成一個空字符串,例如這一規則將從客戶請求中重移代理信息

RewriteHeader User-Agent: .* $0

並且這一規則將把OLD-URL HEADER 加入請求中。

RewriteCond URL (.*)RewriteHeader Old-URL: ^$ $1

最後一個例子將通過改變請求方法定向所有的WEBDAV請求到/WEBDAV。ASP

RewriteCond METHOD OPTIONS

RewriteRule (.*) /webdav.asp?$1

RewriteHeader METHOD OPTIONS GET

RewriteProxy directive

Syntax: RewriteProxy Pattern FormatString [Flags]

強制目的URI在內部強制为代理需求並且立即通過ISAPI擴展應付代理需求,這將允許IIS作为代理服務器並且重路由到其他站點和服務器

Pattern

限定規則表達式以匹配Request-URI,

FormatString

限定將生成新的URI的FormatString

[Flags]

是一個下列FLAGS的命令分隔列表

D (Delegate security)

代理模式將試圖以當前假冒的用戶資格登陆遠程服務器,

C (use Credentials)

代理模式將試圖一在URL或基本授權頭文件中指定的資格登陆遠程服務器,用這個標記你可以使用http://user:password@host.com/path/ syntax 作为URL

F (Follow redirects)

缺省情況下ISAPI_Rewrite 將試圖將MAP遠程服務器返回的重定向指令到本地服務器命名空間,如果遠程服務器返回重定向點到那台服務器其他的某個位置,ISAPI_Rewrite 將修改這一重定向指令指向本服務器名,這將避免用戶看到真實(內部)服務器名稱

使用F標記強制代理模式內部跟蹤遠程服務器返回的重定向指令,使用這個標記如果你根本不需要接受遠程服務器的重定向指令,在WINHTTP設置中有重定向限制以避免遠程重定向循環

I (ignore case)

不管大小寫強行指定字符匹配

U (Unmangle Log)

當URI是源需求而不是重寫需求時記載URI

O (nOrmalize)

在實行之前標准化字符串。標准化包括URL-ENCODING,不合法的字符的再移動等,這個標記對於URLS和URLS-ENDODED頭是有用的

CacheClockRate directive

Syntax: CacheClockRate Interval

這個指令只在GLOBAL配置內容中出現,如果這個指令在SITE-LEVEL內容中出現將被忽略並把錯誤信息寫入httpd.parse.errors 文件

ISAPI_Rewrite caches每次在第一次加載時配置,使用這個指令你可以限定當一個特定站點從緩存中清理的不活動周期,把這個参數設置的足夠大你可以強制 ISAPI_Rewrite 永不清理緩存,記住任何配置文件的改變將在下次請求後立即更新而忽略這個周期

Interval

限定特定配置被清理出緩存的不作为時間(以秒計),缺省值3600(1小時)

EnableConfig and DisableConfig directives

Syntax:

EnableConfig [SiteID|"Site name"]

DisableConfig [SiteID|"Site name"]

對所選站點激活或不激活SITE-LEVEL配置或者改變缺省配置,缺省SITE-LEVEL配置不激活,這個指令只出現在GLOBAL配置內容中

SiteID

Numeric metabase identifier of a site

Site name

Name of the site as it appears in the IIS console

不用参數使用這個命令將改變缺省配置到ENABLE/DISABLE配置進程

例子

下面例子將使配置僅作用於ID=1(典型是缺省站點)名字是MY SITE的站點

DisableConfig

EnableConfig 1

EnableConfig”My site”

下邊例子將激活名稱为SOMESITE配置因为它分割設置重載了缺省設置

EnableConfig”Some site”

DisableConfig

EnableRewrite and DisableRewrite directives

Syntax:

EnableRewrite [SiteID|"Site name"]

DisableRewrite [SiteID|"Site name"]

對所選站點激活或不激活重寫或者改變缺省配置,缺省重寫配置激活,這個指令只出現在GLOBAL配置內容中

SiteID

Numeric metabase identifier of a site

Site name

Name of the site as it appears in the IIS console.

不使用参數這個命令將全部激活或者不激活

RepeatLimit directive

Syntax: RepeatLimit Limit

這個指令可以出現在GLOBAL和SITE-LEVEL配置文件中,如果出現在GLOBAL配置文件中竟改變GLOBAL對於所有站點的限制,出現在SITE-LEVEL配置中竟只改變對於這個站點的限制並且這個限制不能超過GLOBAL限制

ISAPI_Rewrite在實行規則時允許循環,這個指令允許限制最大可能循環的數量,可以設置为0或1而不支持循環,

LIMIT

限制最大循環數量,缺省32

RFStyle directive

Syntax: RFStyle Old | New

Configuration Utility

ISAPI_Rewrite Full包括配置功用(可以在 ISAPI_Rewrite 程序組中启動),它允許你瀏覽測試狀態並輸入注冊碼(如果在安裝過程中沒有注冊),並且調整部分與代理模式操作相關的產品功能,UTILITY是由三個頁面組成的屬性表

Trial page允許你瀏覽TIRAL狀態並輸入注冊碼(如果在安裝過程中沒有注冊)

Settings page

這頁包含對下列参數的編輯框

Helper URL

這個参數影響過滤器和代理模塊之間的聯系方式,它即可以是以點做前綴的文件擴展名(如 .isrwhlp)也可以是絕對路徑,

第一種情況下擴展名將追加在初始請求URI上並且代理模塊竟通過SCRIPT MAP激活,缺省擴展名isrwhlp在安裝進程中加在global script map 中,如果你改變這個擴展名或者你的應用不繼承global script map 設置你應該手動添加向script map 所需求的入口。這個應該有如下参數

Executable: An absolute path to the rwhelper.dll in the short form

Extension: Desired extension (.isrwhlp is default)

Verbs radio button: All Verbs

Script engine checkbox: Checked

Check that file exists checkbox: Unchecked

我們已經創建了一個WSH script proxycfg.vbs ,可以簡單在一個a script maps中注冊,她位於安裝文件夾並且可以在命令行一如下方式運行

cscript proxycfg.vbs [-r] [MetabasePath]

Optional -r 強制注冊擴展名

Optional MetabasePath parameter allows specification of the first metabase key to process. By default it is “/localhost/W3SVC”.

要在所有現存的 script maps 中注冊你可以以如下命令行激活 script

cscript proxycfg.vbs -r



第二種情況下你應該提供一個URI作为’Helper URL’的值(http://www.xiaojudeng.com/),你也應該map 一個 ISAPI_Rewrite的安裝文件夾作为美意個站點的虛擬文件家

注意:根據顧客反應,IIS5(也許包括IIS4)對長目錄名有問題。所以我們強烈推薦使用短目錄名

Worker threads limit

這個参數限制在代理擴展線程池中工作線程數,缺省为0意味着這個限制等於處理器數量乘以2

Active threads limit

這個参數限制當前運行線程數,這個數量不可大於”Worker threads limit”. 缺省0意思是等於處理器數量

Queue size 這個参數定義最大請求數量,如果你曾經看到Queue timeout expired” 信息在 the Application event log中你可以增加這個参數

Queue timeout

這個参數定義你在內部請求隊列中防止新請求的最大等待時間,如果你曾經看到Queue timeout expired” 信息在 the Application event log中你可以增加這個参數

Connect timeout

以毫秒設定代理模塊連接超時

Send timeout

以毫秒設定代理模塊發送超時

Receive timeout

以毫秒設定代理模塊發送超時

About page.

It contains copyright information and a link to the ISAPI_Rewrite’s web site.

Regular expression syntax

這一部分覆蓋了 ISAPI_Rewrite規定的表達句法

Literals

所有字符都是原意除了 “.”, “*”, “?”, “+”, “(”, “)”, “{”, “}”, “[", "]“, “^” and “$”.,這些字符在用“\”處理時是原意,原意指一個字符匹配自身

Wildcard

The dot character “.” matches any single character except null character and newline character

以下为句法

Repeats

A repeat is an expression that is repeated an arbitrary number of times. An expression followed by “*” can be repeated any number of times including zero. An expression followed by “+” can be repeated any number of times, but at least once. An expression followed by “?” may be repeated zero or one times only. When it is necessary to specify the minimum and maximum number of repeats explicitly, the bounds operator “{}” may be used, thus “a{2}” is the letter “a” repeated exactly twice, “a{2,4}” represents the letter “a” repeated between 2 and 4 times, and “a{2,}” represents the letter “a” repeated at least twice with no upper limit. Note that there must be no white-space inside the {}, and there is no upper limit on the values of the lower and upper bounds. All repeat expressions refer to the shortest possible previous sub-expression: a single character; a character set, or a sub-expression grouped with “()” for example.

Examples:

“ba*” will match all of “b”, “ba”, “baaa” etc.

“ba+” will match “ba” or “baaaa” for example but not “b”.

“ba?” will match “b” or “ba”.

“ba{2,4}” will match “baa”, “baaa” and “baaaa”.

Non-greedy repeats

Non-greedy repeats are possible by appending a ‘?’ after the repeat; a non-greedy repeat is one which will match the shortest possible string.

For example to match html tag pairs one could use something like:

“<\s*tagname[^>]*>(.*?)<\s*/tagname\s*>”

In this case $1 will contain the text between the tag pairs, and will be the shortest possible matching string.

Parenthesis

Parentheses serve two purposes, to group items together into a sub-expression, and to mark what generated the match. For example the expression “(ab)*” would match all of the string “ababab”. All sub matches marked by parenthesis can be back referenced using \N or $N syntax. It is permissible for sub-expressions to match null strings. Sub-expressions are indexed from left to right starting from 1, sub-expression 0 is the whole expression.

Non-Marking Parenthesis

Sometimes you need to group sub-expressions with parenthesis, but don’t want the parenthesis to spit out another marked sub-expression, in this case a non-marking parenthesis (?:expression) can be used. For example the following expression creates no sub-expressions:

“(?:abc)*”

Alternatives

Alternatives occur when the expression can match either one sub-expression or another, each alternative is separated by a “|”. Each alternative is the largest possible previous sub-expression; this is the opposite behaviour from repetition operators.

Examples:

“a(b|c)” could match “ab” or “ac”.

“abc|def” could match “abc” or “def”.

Sets

A set is a set of characters that can match any single character that is a member of the set. Sets are delimited by “[" and "]” and can contain literals, character ranges, character classes, collating elements and equivalence classes. Set declarations that start with “^” contain the compliment of the elements that follow.

Examples:

Character literals:

“[abc]” will match either of “a”, “b”, or “c”.

“[^abc] will match any character other than “a”, “b”, or “c”.

Character ranges:

“[a-z]” will match any character in the range “a” to “z”.

“[^A-Z]” will match any character other than those in the range “A” to “Z”.

Character classes

Character classes are denoted using the syntax “[:classname:]” within a set declaration, for example “[[:space:]]” is the set of all whitespace characters. The available character classes are:

alnum Any alpha numeric character.

alpha Any alphabetical character a-z and A-Z. Other characters may also be included depending upon the locale.

blank Any blank character, either a space or a tab.

cntrl Any control character.

digit Any digit 0-9.

graph Any graphical character.

lower Any lower case character a-z. Other characters may also be included depending upon the locale.

print Any printable character.

punct Any punctuation character.

space Any whitespace character.

upper Any upper case character A-Z. Other characters may also be included depending upon the locale.

xdigit Any hexadecimal digit character, 0-9, a-f and A-F.

word Any word character – all alphanumeric characters plus the underscore.

unicode Any character whose code is greater than 255, this applies to the wide character traits classes only.

There are some shortcuts that can be used in place of the character classes:

\w in place of [:word:]

\s in place of [:space:]

\d in place of [:digit:]

\l in place of [:lower:]

\u in place of [:upper:]

Collating elements

Collating elements take the general form [.tagname.] inside a set declaration, where tagname is either a single character, or a name of a collating element, for example [[.a.]] is equivalent to [a], and [[.comma.]] is equivalent to [,]. ISAPI_Rewrite supports all the standard POSIX collating element names, and in addition the following digraphs: “ae”, “ch”, “ll”, “ss”, “nj”, “dz”, “lj”, each in lower, upper and title case variations. Multi-character collating elements can result in the set matching more than one character, for example [[.ae.]] would match two characters, but note that [^[.ae.]] would only match one character.

Equivalence classes

Equivalenceclassestakethegeneralform[=tagname=] inside a set declaration, where tagname is either a single character, or a name of a collating element, and matches any character that is a member of the same primary equivalence class as the collating element [.tagname.]. An equivalence class is a set of characters that collate the same, a primary equivalence class is a set of characters whose primary sort key are all the same (for example strings are typically collated by character, then by accent, and then by case; the primary sort key then relates to the character, the secondary to the accentation, and the tertiary to the case). If there is no equivalence class corresponding to tagname, then [=tagname=] is exactly the same as [.tagname.].

To include a literal “-” in a set declaration then: make it the first character after the opening “[" or "[^", the endpoint of a range, a collating element, or precede it with an escape character as in "[\-]“. To include a literal “[" or "]” or “^” in a set then make them the endpoint of a range, a collating element, or precede with an escape character.

Line anchors

An anchor is something that matches the null string at the start or end of a line: “^” matches the null string at the start of a line, “$” matches the null string at the end of a line.

Back references

A back reference is a reference to a previous sub-expression that has already been matched, the reference is to what the sub-expression matched, not to the expression itself. A back reference consists of the escape character “\” followed by a digit “1″ to “9″, “\1″ refers to the first sub-expression, “\2″ to the second etc. For example the expression “(.*)\1″ matches any string that is repeated about its mid-point for example “abcabc” or “xyzxyz”. A back reference to a sub-expression that did not participate in any match, matches the null string. In ISAPI_Rewrite all back references are global for entire RewriteRule and corresponding RewriteCond directives. Sub matches are numbered up to down and left to right beginning from the first RewriteCond directive of the corresponding RewriteRule directive, if there is one.

Forward Lookahead Asserts

There are two forms of these; one for positive forward lookahead asserts, and one for negative lookahead asserts:

“(?=abc)” matches zero characters only if they are followed by the expression “abc”.

“(?!abc)” matches zero characters only if they are not followed by the expression “abc”.

Word operators

The following operators are provided for compatibility with the GNU regular expression library.

“\w” matches any single character that is a member of the “word” character class, this is identical to the expression “[[:word:]]”.

“\W” matches any single character that is not a member of the “word” character class, this is identical to the expression “[^[:word:]]”.

“\<” matches the null string at the start of a word.

“\>” matches the null string at the end of the word.

“\b” matches the null string at either the start or the end of a word.

“\B” matches a null string within a word.

Escape operator

The escape character “\” has several meanings.

The escape operator may introduce an operator for example: back references, or a word operator.

The escape operator may make the following character normal, for example “\*” represents a literal “*” rather than the repeat operator.

Single character escape sequences:

The following escape sequences are aliases for single characters:

Escape sequence Character code Meaning

\a 0×07 Bell character.

\t 0×09 Tab character.

\v 0×0B Vertical tab.

\e 0×1B ASCII Escape character.

\0dd 0dd An octal character code, where dd is one or more octal digits.

\xXX 0xXX A hexadecimal character code, where XX is one or more hexadecimal digits.

\x{XX} 0xXX A hexadecimal character code, where XX is one or more hexadecimal digits, optionally a unicode character.

\cZ z-@ An ASCII escape sequence control-Z, where Z is any ASCII character greater than or equal to the character code for ‘@’.

Miscellaneous escape sequences:

The following are provided mostly for perl compatibility, but note that there are some differences in the meanings of \l \L \u and \U:

Escape sequence Meaning

\w Equivalent to [[:word:]].

\W Equivalent to [^[:word:]].

\s Equivalent to [[:space:]].

\S Equivalent to [^[:space:]].

\d Equivalent to [[:digit:]].

\D Equivalent to [^[:digit:]].

\l Equivalent to [[:lower:]].

\L Equivalent to [^[:lower:]].

\u Equivalent to [[:upper:]].

\U Equivalent to [^[:upper:]].

\C Any single character, equivalent to ‘.’.

\X Match any Unicode combining character sequence, for example “a\x 0301″ (a letter a with an acute).

\Q The begin quote operator, everything that follows is treated as a literal character until a \E end quote operator is found.

\E The end quote operator, terminates a sequence begun with \Q.

What gets matched?

The regular expression will match the first possible matching string, if more than one string starting at a given location can match then it matches the longest possible string. In cases where their are multiple possible matches all starting at the same location, and all of the same length, then the match chosen is the one with the longest first sub-expression, if that is the same for two or more matches, then the second sub-expression will be examined and so on. Note that ISAPI_Rewrite uses MATCH algorithm. The result is matched only if the expression matches the whole input sequence. For example:

RewriteCond URL ^/somedir/.* #will match any request to somedir directory and subdirectories, while

RewriteCond URL ^/somedir/ #will match only request to the root of the somedir.

Special note about “pathological” regular expressions

ISAPI_Rewrite uses a very powerful regular expressions engine Regex++ written by Dr. John Maddock. But as any real thing it’s not ideal: There exists some “pathological” expressions which may require exponential time for matching; these all involve nested repetition operators, for example attempting to match the expression “(a*a)*b” against N letter a’s requires time proportional to 2N. These expressions can (almost) always be rewritten in such a way as to avoid the problem, for example “(a*a)*b” could be rewritten as “a*b” which requires only time linearly proportional to N to solve. In the general case, non-nested repeat expressions require time proportional to N2, however if the clauses are mutually exclusive then they can be matched in linear time – this is the case with “a*b”, for each character the matcher will either match an “a” or a “b” or fail, where as with “a*a” the matcher can’t tell which branch to take (the first “a” or the second) and so has to try both.

Boost 1.29.0 Regex++ could detect “pathological” regular expressions and terminate theirs matching. When a rule fails ISAPI_Rewrite sends “500 Internal Server error – Rule Failed” status to a client to indicate configuration error. Also the failed rule is disabled to prevent performance losses

Format string syntax

In format strings, all characters are treated as literals except: “(”, “)”, “$”, “\”, “?”, “:”.

To use any of these as literals you must prefix them with the escape character \

The following special sequences are recognized:

Grouping:

Use the parenthesis characters ( and ) to group sub-expressions within the format string, use \( and \) to represent literal ‘(’ and ‘)’.

Sub-expression expansions:

The following perl like expressions expand to a particular matched sub-expression:

$` Expands to all the text from the end of the previous match to the start of the current match, if there was no previous match in the current operation, then everything from the start of the input string to the start of the match.

$’ Expands to all the text from the end of the match to the end of the input string.

$& Expands to all of the current match.

$0 Expands to all of the current match.

$N Expands to the text that matched sub-expression N.

Conditional expressions:

Conditional expressions allow two different format strings to be selected dependent upon whether a sub-expression participated in the match or not:

?Ntrue_expression:false_expression

Executes true_expression if sub-expression N participated in the match, otherwise executes false_expression.

Example: suppose we search for “(while)|(for)” then the format string “?1WHILE:FOR” would output what matched, but in upper case

Escape sequences:

The following escape sequences are also allowed:

\a The bell character.

\f The form feed character.

\n The newline character.

\r The carriage return character.

\t The tab character.

\v A vertical tab character.

\x A hexadecimal character – for example \x0D.

\x{} A possible unicode hexadecimal character – for example \x{1A0}

\cx The ASCII escape character x, for example \c@ is equivalent to escape-@.

\e The ASCII escape character.

\dd An octal character constant, for example \10

Examples例子

Emulating host-header-based virtual sites on a single site

例如你在兩個域名注冊www.xiaojudeng.com 和 www.jiamengku.com,現在你可以創建兩個不同的站點而使用單一的物理站點。把以下規則加入到你的httpd.ini 文件

[ISAPI_Rewrite]

#Fix missing slash char on folders

RewriteCond Host: (.*)

RewriteRule ([^.?]+[^.?/]) http\://$1$2/ [I,R]

#Emulate site1

RewriteCond Host: (?:www\.)?site1\.com

RewriteRule (.*) /site1$1 [I,L]

#Emulate site2

RewriteCond Host: (?:www\.)?site2\.com

RewriteRule (.*) /site2$1 [I,L]

現在你可以把你的站點放在/site1 和 /site2 目錄中.

或者你可以應用更多的類規則:

[ISAPI_Rewrite]

#Fix missing slash char on folders

RewriteCond Host: (.*)

RewriteRule ([^.?]+[^.?/]) http\://$1$2/ [I,R]

RewriteCond Host: (www\.)?(.+)

RewriteRule (.*) /$2$3

为站點應該命名目錄为 /somesite1.com, /somesite2.info, etc.

Using loops (Next flag) to convert request parameters

假如你希望有物理URL如 http://www.myhost.com/foo.asp?a=A&b=B&c=C 使用請求如 http://www.myhost.com/foo.asp/a/A/b/B/c/C 参數數量可以從兩個請求之間變化

至少有兩個解决辦法。你可以簡單的为每一可能的参數數量添加一個分隔規則或者你可以使用一個技術說明如下面的例子

ISAPI_Rewrite]

RewriteRule (.*?\.asp)(\?[^/]*)?/([^/]*)/([^/]*)(.*) $1(?2$2&:\?)$3=$4$5 [NS,I]

這個規則將從請求的URL中抽取一個参數追加在請求字符的末尾並且從頭重启規則進程。所以它將循環直到所有参數被移動到适當的位置,或者直到超過RepeatLimit

也存在許多這個規則的變種。但使用不同的分隔字符,例如。使用URLS如http://www.myhost.com/foo.asp~a~A~b~B~c~C 可以應中下面的規則:

ISAPI_Rewrite]

RewriteRule (.*?\.asp)(\?[^~]*)?~([^~]*)~([^~]*)(.*) $1(?2$2&:\?)$3=$4$5 [NS,I]

Running servers behind IIS

假如我們有一個內網服務器運行IIS而幾個公司服務器運行其他平台,這些服務器不能從INTERNET直接進入,而只能從我們公司的網络進入,有一個簡單的例子可以使用代理標記映射其他服務器到IIS命名空間:

[ISAPI_Rewrite]

RewriteProxy /mappoint(.+) http\://sitedomain$1 [I,U]

Moving sites from UNIX to IIS

這個規則可以幫助你把URL從 /~username 改變到 /username 和從 /file.html 改變到 /file.htm. 這個在你僅僅把你的站從UNIX移動到IIS並且保持搜索引擎和其他外部頁面對老頁面的連接時是有用的

[ISAPI_Rewrite]

#redirecting to update old links

RewriteRule (.*)\.html $1.htm

RewriteRule /~(.*) http\://myserver/$1 [R]

Moving site location

許多網管問這样的問題:他們要重定向所有的請求到一個新的網络服務器,當你需要建立一個更新的站點取代老的的時候經常出現這样的問題,解决方案是用ISAPI_Rewrite 於老服務器中

[ISAPI_Rewrite]

#redirecting to update old links

RewriteRule (.+) http\://newwebserver$1 [R]

Browser-dependent content

Dynamically generated robots.txt

robots.txt是一個搜索引擎用來發現能不能被索引的文件,但是为一個大站創建一個有許多動態內容的這個文件是很复雜的工作,我們可以寫一個robots.asp script

現在使用單一規則生成 robots.txt

[ISAPI_Rewrite]

RewriteRule /robots\.txt /robots.asp

Making search engines to index dynamic pages

站點的內容存儲在XML文件中,在服務器上有一個/XMLProcess.asp 文件處理XML文件並返回HTML到最終用戶,URLS到文檔有如下形式

http://www.mysite.com/XMLProcess.asp?xml=/somdir/somedoc.xml

但是許多公共引擎不能索引此類文檔,因为URLS包含問號(文檔動態生成),

ISAPI_Rewrite可以完全消除這個問題

[ISAPI_Rewrite]

RewriteRule /doc(.*)\.htm /XMLProcess.asp\?xml=$1.xml

現在使用如同http://www.mysite.com/doc/somedir/somedoc.htm的URL進入文檔,搜索引擎將不知道不是somedoc.htm 文件並且內容是動態生成的

Negative expressions (NOT

有時當模式不匹配你需要應用規則,這種情況下你可以使用在規則表達式中稱为Forward Lookahead Asserts

例如你需要不使用IE把所有用戶移動到別的地點

[ISAPI_Rewrite]

# Redirect all non Internet Explorer users

# to another location

RewriteCond User-Agent: (?!.*MSIE).*

RewriteRule (.*) /nonie$1

Dynamic authentification

例如我們在站點上有一些成員域,我們在這個域上需要密碼保護文件而我們不喜歡用BUILT-IN服務器安全,這個情況下可以建立一個ASP腳本(稱为proxy.asp),這個腳本將代理所有請求到成員域並且檢查請求允許,這裏有一個簡單的模板你可以放進你自己的授權代碼

現在我們要通過配置 ISAPI_Rewrite 通過這個頁面代理請求:

[ISAPI_Rewrite]

# Proxy all requests through proxy.asp

RewriteRule /members(.+) /proxy.asp\?http\://mysite.com/members$1

保護圖片 防止盜鏈
Blocking inline-images (stop hot linking

假設我們在http://www.xiaojudeng.com/下有些頁面調用一些GIF、jpg、png圖片,不允許別人盜鏈引用到他們自己的頁面上,因为這样大大增加了服務器流量。
當然我們不能100%保護圖片,但我們至少可以在得到瀏覽器發出的HTTP Referer header的地方限制這種情況,因为這個可以判斷是否我們自己的站點調用了我們自己的圖片。

[ISAPI_Rewrite]

RewriteCond Host: (.+)

RewriteCond Referer: (?!http://\1.*).*

RewriteRule .*\.(?:gif|jpg|png) /block.gif [I,O]

注:ISAPI_Rewrite分精簡(Lite)和完全(Full)版.精簡版不支持對每個虛擬主機站點進行重寫,只能進行全局處理.不過對於有服務器的朋友,精簡版也就夠啦.精簡版下載地址:http://www.helicontech.com/download/,就是那Lite Version (free)啦。

本文由小桔燈分類信息網www.xiaojudeng.com原創,轉載請注明出處.

創作者介紹
創作者 shadow 的頭像
shadow

資訊園

shadow 發表在 痞客邦 留言(0) 人氣()