Nginx 怎样配置防盗链
|
一、单刀直入,先上nginx配置文件 server { listen 80; server_name ; root /data/web/; index index.php index.html; access_log /data/logs/nginx/biao.madacode.access.log main;
location /{ root /home/data/; }
error_page 404 /usr/local/nginx/html/404.html;
location ~ .*.(wma|wmv|asf|mp3|mp4|mmf|zip|rar|jpg|gif|png|swf|flv)$ { valid_referers none blocked server_names *.test.com ; if ($invalid_referer) { return 403; } expires 24h; access_log off;
} location ~ /. { deny all; }
} 二、防盗链核心配置文件解释 location ~ .*.(wma|wmv|asf|mp3|mp4|mmf|zip|rar|jpg|gif|png|swf|flv)$ { valid_referers none blocked server_names *.test.com ; if ($invalid_referer) { return 403; } expires 24h; access_log off;
} vaild_referers 有效的引用连接,如下,否则就进入$invaild_refere,返回403 forbiden。 1. none "Referer" 来源头部为空的情况 2. blocked "Referer"来源头部不为空,但是里面的值被代理或者防火墙删除了,这些值都不以或者https://开头. 3. server_names "Referer"来源头部包含当前的server_names(当前域名) 三、模拟案例测试 添加 --referer 模拟引用,看结果直接403.证明上面配置是OK的 [root@test]# curl --referer -I HTTP/1.1 403 Forbidden Server: Tengine Date: Wed, 21 Aug 2019 09:54:44 GMT Content-Type: text/html Content-Length: 639 Connection: keep-alive (编辑:晋中站长网) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
