zoukankan      html  css  js  c++  java
  • 防盗链配置

    1. 防盗链配置

    配置要点

    • none : 允许没有http_refer的请求访问资源;
    • blocked : 允许不是http://开头的,不带协议的请求访问资源;
    • 119.28.190.215 : 只允许指定ip来的请求访问资源;
    location ~ .*.(jpg|gif|png)$ {
        valid_referers none blocked 119.28.190.215;
        if ($invalid_referer) {
            return 403;
        }
        root  /opt/app/code/images;
    }
    

    2. 重载nginx服务

    [root@localhost ~]# nginx -s reload -c /etc/nginx/nginx.conf
    

    3. 测试防盗链

    3.1 不带http_refer

    [root code]# curl -I http://119.28.190.215/1.jpg
    HTTP/1.1 200 OK
    Server: nginx/1.12.2
    Date: Thu, 30 Nov 2017 18:26:10 GMT
    Content-Type: image/jpeg
    Content-Length: 68227
    Last-Modified: Thu, 30 Nov 2017 17:46:19 GMT
    Connection: keep-alive
    ETag: "5a2043eb-10a83"
    Accept-Ranges: bytes
    

    3.2 带非法http_refer

    [root code]# curl -e "http://www.baidu.com" -I http://119.28.190.215/1.jpg
    HTTP/1.1 403 Forbidden
    Server: nginx/1.12.2
    Date: Thu, 30 Nov 2017 18:25:52 GMT
    Content-Type: text/html
    Content-Length: 169
    Connection: keep-alive
    

    3.3 带合法http_refer

    [root code]# curl -e "http://119.28.190.215" -I http://119.28.190.215/1.jpg
    HTTP/1.1 200 OK
    Server: nginx/1.12.2
    Date: Thu, 30 Nov 2017 18:27:30 GMT
    Content-Type: image/jpeg
    Content-Length: 68227
    Last-Modified: Thu, 30 Nov 2017 17:46:19 GMT
    Connection: keep-alive
    ETag: "5a2043eb-10a83"
    Accept-Ranges: bytes
    

    4. 其他配置

    4.1 匹配域名

    location ~ .*.(jpg|gif|png)$ {
        valid_referers ~/google./;
        if ($invalid_referer) {
            return 403;
        }
        root  /opt/app/code/images;
    }
    
  • 相关阅读:
    Mysql事务隔离级
    51nod1076(tarjan)
    求无向图的割点和桥模板(tarjan)
    51nod1770(xjb)
    51nod1640(kruscal)
    51nod1639(组合数学)
    51nod1625(枚举&贪心)
    51nod1562(set&模拟)
    51nod1483(打表)
    51nod1475(贪心&枚举)
  • 原文地址:https://www.cnblogs.com/LoveShare/p/12972076.html
Copyright © 2011-2022 走看看