Home > Article > Operation and Maintenance > How to configure Nginx anti-hotlinking method
How to configure Nginx anti-hotlinking method
- PHPzforward
- 2023-05-15 13:28:111545browse
Requirements:
Usually, sites want to protect the videos and pictures on their websites from being stolen. After all, video traffic costs money in vain (rich people don’t need to think about it) )~~.
1. Let’s get straight to the point, first load the nginx configuration file
server {
listen 80;
server_name www.test.com;
root /data/web/;
index index.php index.html;
access_log /data/logs/nginx/biao.madacode.access.log main;
location /{
root /home/data/;
}
error_page 404 /usr/local/nginx/html/404.html;
location ~ .*\.(wma|wmv|asf|mp3|mp4|mmf|zip|rar|jpg|gif|png|swf|flv)$
{
valid_referers none blocked server_names *.test.com http://ip;
if ($invalid_referer) {
return 403;
}
expires 24h;
access_log off;
}
location ~ /\.
{
deny all;
}
}2. Explanation of the anti-hotlink core configuration file
location ~ .*\.(wma|wmv|asf|mp3|mp4|mmf|zip|rar|jpg|gif|png|swf|flv)$
{
valid_referers none blocked server_names *.test.com http://ip;
if ($invalid_referer) {
return 403;
}
expires 24h;
access_log off;
} vaild_referers Valid reference connections are as follows, otherwise it will enter $invaild_refere and return 403 forbidden.
1. none
"referer" source header is empty
2.blocked
"referer" source header is not empty. However, the values inside were deleted by the proxy or firewall. These values do not start with http:// or https://.
3. server_names
The "referer" source header contains the current server_names (current domain name)
3. Simulation case test
1. Add --referer simulation reference, and see the result of 403 directly. Prove that the above configuration is ok
[root@test]# curl --referer http://baidu.com -i http://www.test.com/temp/t19254/20190820/video_out_out/1/0011.mp4 http/1.1 403 forbidden server: tengine date: wed, 21 aug 2019 09:54:44 gmt content-type: text/html content-length: 639 connection: keep-alive
The above is the detailed content of How to configure Nginx anti-hotlinking method. For more information, please follow other related articles on the PHP Chinese website!