Discuz!x3.5 nginx 伪静态规则安全写法之一

1. location ~ / {
   
2. # 1. 主题页重写
   
3. # 原: rewrite ^([^\.]*)/topic-(.+)\.html$ $1/portal.php?mod=topic&topic=$2 last;
   
4. rewrite ^(?<prefix>[^\.]*)/topic-(?<topic>.+)\.html$ $prefix/portal.php?mod=topic&topic=$topic last;
   
5. 
   
6. # 2. 文章页重写
   
7. # 原: rewrite ^([^\.]*)/article-([0-9]+)-([0-9]+)\.html$ $1/portal.php?mod=view&aid=$2&page=$3 last;
   
8. rewrite ^(?<prefix>[^\.]*)/article-(?<aid>[0-9]+)-(?<page>[0-9]+)\.html$ $prefix/portal.php?mod=view&aid=$aid&page=$page last;
   
9. 
   
10. # 3. 论坛列表页重写
    
11. # 原: rewrite ^([^\.]*)/forum-(\w+)-([0-9]+)\.html$ $1/forum.php?mod=forumdisplay&fid=$2&page=$3 last;
    
12. rewrite ^(?<prefix>[^\.]*)/forum-(?<fid>\w+)-(?<page>[0-9]+)\.html$ $prefix/forum.php?mod=forumdisplay&fid=$fid&page=$page last;
    
13. 
    
14. # 4. 帖子详情页重写
    
15. # 原: rewrite ^([^\.]*)/thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=viewthread&tid=$2&extra=page%3D$4&page=$3 last;
    
16. rewrite ^(?<prefix>[^\.]*)/thread-(?<tid>[0-9]+)-(?<page>[0-9]+)-(?<extra_page>[0-9]+)\.html$ $prefix/forum.php?mod=viewthread&tid=$tid&extra=page%3D$extra_page&page=$page last;
    
17. 
    
18. # 5. 群组页重写
    
19. # 原: rewrite ^([^\.]*)/group-([0-9]+)-([0-9]+)\.html$ $1/forum.php?mod=group&fid=$2&page=$3 last;
    
20. rewrite ^(?<prefix>[^\.]*)/group-(?<fid>[0-9]+)-(?<page>[0-9]+)\.html$ $prefix/forum.php?mod=group&fid=$fid&page=$page last;
    
21. 
    
22. # 6. 空间页重写 (支持 username 或 uid)
    
23. # 原: rewrite ^([^\.]*)/space-(username|uid)-(.+)\.html$ $1/home.php?mod=space&$2=$3 last;
    
24. # 注意: 此处 $2 是动态参数名 (username/uid)，$3 是值。使用命名捕获后，变量名分别为 $type 和 $value
    
25. rewrite ^(?<prefix>[^\.]*)/space-(?<type>username|uid)-(?<value>.+)\.html$ $prefix/home.php?mod=space&$type=$value last;
    
26. 
    
27. # 7. 博客页重写
    
28. # 原: rewrite ^([^\.]*)/blog-([0-9]+)-([0-9]+)\.html$ $1/home.php?mod=space&uid=$2&do=blog&id=$3 last;
    
29. rewrite ^(?<prefix>[^\.]*)/blog-(?<uid>[0-9]+)-(?<id>[0-9]+)\.html$ $prefix/home.php?mod=space&uid=$uid&do=blog&id=$id last;
    
30. 
    
31. # 8. 索引动作重写 (fid/tid)
    
32. # 原: rewrite ^([^\.]*)/(fid|tid)-([0-9]+)\.html$ $1/index.php?action=$2&value=$3 last;
    
33. rewrite ^(?<prefix>[^\.]*)/(?<action>fid|tid)-(?<value>[0-9]+)\.html$ $prefix/index.php?action=$action&value=$value last;
    
34. 
    
35. # 9. 插件页重写
    
36. # 原: rewrite ^([^\.]*)/([a-z]+[a-z0-9_]*)-([a-z0-9_\-]+)\.html$ $1/plugin.php?id=$2:$3 last;
    
37. rewrite ^(?<prefix>[^\.]*)/(?<plugin_id>[a-z]+[a-z0-9_]*)-(?<plugin_identifier>[a-z0-9_\-]+)\.html$ $prefix/plugin.php?id=$plugin_id:$plugin_identifier last;
    
38. 
    
39.         if (!-e $request_filename) {
    
40.                         return 404;
    
41.         }
    
42. }
    
43. 
    

复制代码

不升级nginx可以防护 CVE-2026-42945 安全漏洞