conditional within an "if" in Nginx

December 17, 2014 127.4k views
cesarapodacamon
By:
cesarapodacamon

Is it possible to do more than one comparison within an “if” in Nginx? For instance in a language like JAVA we use “if(comparison 1 || comparison 2)” and the || works as an “or”

1 comment
  • czerasz January 25, 2016

    Nginx doesn’t allow multiple or nested if statements.

    But you could do something like this (not elegant):

    if ( <condition 1> ) {
  set $test  "1";
}

if ( <condition 2> ) {
  set $test  "${test}1";
}

# $test can have the following values:
# - 00
# - 01
# - 10
# - 11 

# Truthy if <condition 1> or <condition 2>
if ( $test ~* "1" ) {
  # Executed if $test has one of the following values:
  # - 01
  # - 10
  # - 11 
}
Sign In to Comment
4 Answers
asb MOD December 17, 2014

In general, if statements should be avoided when possible, particularly inside location blocks. From the aptly titled “If Is Evil”:

Directive if has problems when used in location context, in some cases it doesn’t do what you expect but something completely different instead. In some cases it even segfaults. It’s generally a good idea to avoid it if possible.

The only 100% safe things which may be done inside if in location context are:

  • return ...;
  • rewrite ... last;

Anything else may possibly cause unpredictable behaviour, including potential SIGSEGV.

As to your specific question, you can leverage regex to have multiple matches in the condition but not multiple conditions. So you can do something like:

if ($geoip_country_code ~ (BR|CN|KR|RU|UA) ) {
    # Do something
}

but not:

if ($geoip_country_code ~ (US|CA) ) | ($http_cookie ~* "CCCC=.+(?:;|$)"  ) {
    # Do something else
}

There are some workarounds using multiple if statements. Check out this post.

ZenCocoon November 23, 2015

You can also use something like:

    if ($request_uri = /) {
      set $test "root";
    }

    if ($host ~* zencocoon.com) {
      set $test  "${test}+zencocoon.com";
    }

    if ($http_cookie !~* "auth_token") {
      set $test  "${test}+no_auth_token";
    }

    if ($test = "root+zencocoon.com+no_auth_token") {
      proxy_pass http://www.zencocoon.com;
      break;
    }

Taken from https://gist.github.com/jrom/1760790

testinaweb May 8, 2015
AlexeyPortnov April 11, 2018

Using so many ‘if’ is bad practice and in most case means misunderstanding of nginx way configuration, the real power of nginx.

1) Regarding
if ($request_uri = /) {}

Writing such statement means you do not understand nginx 'location’ directive.
Location is already optimized for checking $request_uri againt expressions. It works faster and safer.

So your statement can be replaced with more proper
location = / {
}

2) Regarding other 'if’ - in most cases it can be reduced with nginx 'map’.

This statement:

if ($host ~* zencocoon.com) {
set $test “${test}+zencocoon.com”;
}

if ($http_cookie !~* "auth_token") {
  set $test  "${test}+no_auth_token";
}

if ($test = "root+zencocoon.com+no_auth_token") {
  proxy_pass http://www.zencocoon.com;
  break;
}

Can be rewritten with

map “$hostname:$httpcookie” $passtoproxy {
default 0;
“~*zencocoon.com:?!authtoken” 1;
}

if ($passtoproxy) {
proxy_pass http://www.zencocoon.com;
break;
}

It’s more short, safe, elegant and nginx-way.

Have another answer? Share your knowledge.