zoukankan      html  css  js  c++  java
  • 防资源盗链

    1)配置被盗链的网站

    [root@web02 /etc/nginx/conf.d]# vim beidaolian.conf
    server {
        listen 80;
        server_name linux.beidaolian.com;
    
        location / {
            root /code/beidaolian;
            index index.html;
        }
    }
    
    [root@web02 /etc/nginx/conf.d]# mkdir /code/beidaolian
    [root@web02 /etc/nginx/conf.d]# cd /code/beidaolian/
    [root@web02 /code/beidaolian]# rz
    [root@web02 /code/beidaolian]# ll
    total 13444
    -rw-r--r-- 1 root root   18632 2020-09-11 15:57 1.jpg
    -rw-r--r-- 1 root root  471421 2020-09-11 15:57 3.jpg

    2)配置盗链的网站

    [root@web01 /]# vim /etc/nginx/conf.d/daolian.conf
    server {
        listen 80;
        server_name linux.daolian.com;
        root /code/cache;
    }
    
    [root@web01 /]# vim /code/cache/index.html 
    <img src="http://linux.beidaolian.com/1.jpg" />
    
    #配置hosts
    [root@web01 /]# vim /etc/hosts
    10.0.0.8 linux.beidaolian.com
    
    #windows配置访问页面
    10.0.0.7 linux.daolian.com
    访问http://linux.daolian.com/

    3)配置防盗链语法

    Syntax:    valid_referers none | blocked | server_names | string ...;
    Default:    —
    Context:    server, location
    
    none        #nginx日志中referer部分为空
    blocked        #nginx日志中referer部分没有携带协议,没有http或者https
    server_names    #nginx日志中referer部分为指定的域名

    4)防盗链配置

    [root@web02 /code/beidaolian]# cat /etc/nginx/conf.d/beidaolian.conf 
    server {
        listen 80;
        server_name linux.beidaolian.com;
    
        location / {
            root /code/beidaolian;
            index index.html;
        }
    
        location ~* .jpg$ {
            root /code/beidaolian;
            #valid_referers none blocked server_name linux.beidaolian.com *.baidu.com;
            valid_referers none blocked linux.beidaolian.com;
            if ($invalid_referer) {
                return 403;
            }
        }
    }

    5)伪造referer请求头

    [root@web01 ~]# curl -e "http://linux.daolian.com" -I linux.beidaolian.com/1.jpg
    HTTP/1.1 500 Internal Server Error
    Server: nginx/1.18.0
    Date: Fri, 11 Sep 2020 08:23:52 GMT
    Content-Type: text/html
    Content-Length: 177
    Connection: close
    
    [root@web01 ~]# curl -e "http://linux.beidaolian.com" -I linux.beidaolian.com/1.jpg
    HTTP/1.1 200 OK
    Server: nginx/1.18.0
    Date: Fri, 11 Sep 2020 08:24:19 GMT
    Content-Type: image/jpeg
    Content-Length: 18632
    Last-Modified: Fri, 11 Sep 2020 07:57:48 GMT
    Connection: keep-alive
    ETag: "5f5b2dfc-48c8"
    Accept-Ranges: bytes
  • 相关阅读:
    Ubuntu安装deb软件包错误(依赖关系问题)解决
    scrapy抓取的中文结果乱码解决办法
    删除Git记录里的大文件
    Ubuntu18.04 修改DNS
    linux实现ssh免密码登录
    Vim进阶指南
    查找相同图片并重命名
    Markdown进阶指南
    一眼看穿flatMap和map的区别
    Java8简明指南
  • 原文地址:https://www.cnblogs.com/chenlifan/p/13652094.html
Copyright © 2011-2022 走看看