Regular expressions (regex) are one of the most powerful tools in a developer's toolkit — and one of the most intimidating. They can match, search, and replace text patterns with surgical precision, but their cryptic syntax scares away many programmers.
This guide will take you from regex basics to advanced patterns, with practical examples you can test immediately using our Regex Tester.
What Are Regular Expressions?
A regular expression is a sequence of characters that defines a search pattern. Originally developed in the 1950s by mathematician Stephen Cole Kleene, regex is now supported by virtually every programming language, text editor, and command-line tool.
At its core, regex answers the question: "Does this string match this pattern?"
Basic Syntax — Building Blocks
Literal Characters
The simplest regex is just a plain string. The pattern hello matches the text "hello" exactly. But regex becomes powerful when you use special characters called metacharacters.
Character Classes
[abc] — Matches any single character: a, b, or c.
[a-z] — Matches any lowercase letter.
[0-9] — Matches any digit.
[^abc] — Matches any character EXCEPT a, b, or c.
Shorthand Classes
\d — Any digit (same as [0-9]).
\w — Any word character: letter, digit, or underscore.
\s — Any whitespace: space, tab, newline.
Capital versions (\D, \W, \S) match the opposite.
Anchors
^ — Start of string (or line, with the m flag).
$ — End of string (or line).
\b — Word boundary.
Quantifiers
* — Zero or more times.
+ — One or more times.
? — Zero or one time.
{3} — Exactly 3 times.
{2,5} — Between 2 and 5 times.
Practical Patterns Every Developer Needs
Email Validation
A practical email regex that covers most real-world addresses:
[\w.-]+@[\w.-]+\.[a-zA-Z]{2,}
This matches user@example.com, first.last@company.co.uk, and similar patterns. It's not RFC 5322 complete (no regex truly is), but it works for form validation.
URL Matching
https?:\/\/[^\s]+
Matches URLs starting with http:// or https:// followed by any non-whitespace characters. For stricter validation, you'd add domain and path pattern constraints.
Phone Numbers (US Format)
\(?\d{3}\)?[-.\s]?\d{3}[-.\s]?\d{4}
Handles formats like (555) 123-4567, 555.123.4567, 555-123-4567, and 5551234567.
IPv4 Address
\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}
Basic pattern — note this doesn't validate that each octet is 0–255. For strict validation, you'd need a more complex pattern.
Hex Color Codes
#[0-9A-Fa-f]{3,8}
Matches CSS hex colors including shorthand (#fff), standard (#ffffff), and with alpha channel (#ffffff80).
ISO Date Format
\d{4}-\d{2}-\d{2}
Matches dates like 2026-03-22. Combine with time patterns for full ISO 8601 datetime matching.
Groups and Backreferences
Capturing groups (pattern) let you extract parts of a match. For example, in the URL pattern (https?):\/\/([^/]+)(.*), group 1 captures the protocol, group 2 the domain, and group 3 the path.
Non-capturing groups (?:pattern) group without capturing, which is useful when you need grouping for alternation but don't need the captured value.
Backreferences \1 refer to previously captured groups. The pattern (\w+)\s+\1 matches repeated words like "the the" — useful for finding typos.
Lookahead and Lookbehind
These zero-width assertions check for patterns without consuming characters:
(?=pattern) — Positive lookahead: matches if followed by pattern.
(?!pattern) — Negative lookahead: matches if NOT followed by pattern.
(?<=pattern) — Positive lookbehind: matches if preceded by pattern.
(?<!pattern) — Negative lookbehind: matches if NOT preceded by pattern.
Example: \d+(?= dollars) matches numbers followed by " dollars" without including "dollars" in the match.
Flags That Change Behavior
g — Global: find all matches, not just the first.
i — Case-insensitive matching.
m — Multiline: ^ and $ match line starts/ends.
s — Dotall: . matches newline characters too.
Try different flag combinations in our Regex Tester to see how they affect matching behavior.
Replace Mode — Find and Replace
Regex isn't just for matching — it's incredibly powerful for text transformation. Our Regex Tester's Replace mode lets you use group references like $1 and $2 in replacement strings.
Example: Transform John Smith to Smith, John using pattern (\w+) (\w+) and replacement $2, $1.
Common Mistakes to Avoid
Greedy vs. lazy quantifiers: .* is greedy (matches as much as possible). Add ? to make it lazy: .*? matches as little as possible. This matters enormously when parsing HTML or structured text.
Forgetting to escape special characters: Characters like ., *, +, ?, (, ), [, ] have special meaning. Escape them with \ when you want literal matches.
Catastrophic backtracking: Patterns like (a+)+b can cause exponential processing time on certain inputs. Always test your regex against edge cases.
Testing Your Patterns
The best way to learn regex is by practice. Our Regex Tester provides instant visual feedback as you type, with match highlighting, group extraction, and code generation for JavaScript and Python.
Start with the quick pattern library — pre-built patterns for email, URL, phone numbers, dates, IP addresses, HTML tags, and credit card numbers — and modify them to fit your specific needs.
Conclusion
Regular expressions are a fundamental skill for any developer. While the syntax can be daunting at first, the patterns in this guide cover the vast majority of real-world use cases. Practice regularly, use tools like our Regex Tester for immediate feedback, and you'll be writing complex patterns with confidence in no time.