zoukankan      html  css  js  c++  java
  • FastDFS防盗链

    FastDFS扩展模块内置了通过token来实现防盗链的功能。开启防盗链后,访问文件是需要在url中加两个参数:token和ts。ts为时间戳,token为系统根据时间戳和密码生成的信物。为了系统的安全,下面一起来开启防盗链吧!

    1. 配置http访问

    1.1 开启防盗链检查

    vim /etc/fdfs/http.conf

    # HTTP default content type
    http.default_content_type = application/octet-stream
    
    # MIME types mapping filename
    # MIME types file format: MIME_type  extensions
    # such as:  image/jpeg  jpeg jpg jpe
    # you can use apache's MIME file: mime.types
    http.mime_types_filename=mime.types
    
    # if use token to anti-steal
    # default value is false (0)
    http.anti_steal.check_token=true       # 修改1,开启防盗链检查
    
    # token TTL (time to live), seconds
    # default value is 600
    http.anti_steal.token_ttl=900  # 选择性修改token的过期时间
    
    # secret key to generate anti-steal token
    # this parameter must be set when http.anti_steal.check_token set to true·
    # the length of the secret key should not exceed 128 bytes
    http.anti_steal.secret_key=123456    # 修改2,防盗链密码
    
    # return the content of the file when check token fail
    # default value is empty (no file sepecified)
    http.anti_steal.token_check_fail=/root/error.jpg    # 修改3,配置拒绝访问后显示的图片,需要是个有效可访问的图片
    
    # if support multi regions for HTTP Range
    # default value is true
    http.multi_range.enabed = true
    

    1.2 重启nginx

    service nginx restart 
    # 或
    nginx -s reload
    

    1.3 验证

    1. 没有开启防盗链,文件可以正常访问:

    2. 成功开启防盗链后,访问文件时携带了错误的token,文件不能访问并且显示访问出错的图片

    3. 携带正确的token,效果已经达到,只要保证密码不被泄露,我们的文件就是相对安全的

    2. 开发服务端代码修改

    2.1 fdfs_client.conf配置

    http.anti_steal_token = true  # 启动防盗链
    http.secret_key = 123456   # 防盗链密码
    
    tracker_server=192.168.56.10:22122
    tracker_server=192.168.56.11:22122
    

     

    2.2 服务器端

    服务器端为文件访问生成token
    remoteFilename:不能加group1(group name)

    package com.aixin.tuna.fdfs;
    
    import org.csource.common.MyException;
    import org.csource.fastdfs.ProtoCommon;
    
    import java.io.UnsupportedEncodingException;
    import java.security.NoSuchAlgorithmException;
    
    /**
     * Created by dailin on 2018/6/12.
     */
    public class FdfsFDL {
        public static void main(String[] args) throws UnsupportedEncodingException, NoSuchAlgorithmException, MyException {
            String fileName = "M00/00/00/wKg4C1tFmTWAFPKBAADdeFFxlXA240.png";
            String host = "http://192.168.56.10:8888";
            String secretKey = "123456";
            String sourceUrl = getSourceUrl(fileName, host, secretKey);
            System.out.println(sourceUrl);
        }
    
        /**
         * 生成防盗链token
         * @param remoteFilename 文件路径,不带group:M00/00/00/wKg4C1tFmTWAFPKBAADdeFFxlXA240.png
         * @param httpHost         文件服务器web访问地址
         * @param secretKey         密码
         * @return
         * @throws UnsupportedEncodingException
         * @throws NoSuchAlgorithmException
         * @throws MyException
         */
        public static String getSourceUrl(String remoteFilename, String httpHost,String secretKey) throws UnsupportedEncodingException, NoSuchAlgorithmException, MyException {
            int lts = (int)(System.currentTimeMillis() / 1000);
            String token = ProtoCommon.getToken(remoteFilename, lts, secretKey); //初始化secret_key
            return httpHost + "/" + remoteFilename + "?token=" + token + "&ts=" + lts;
        }
    }

    得到

    http://192.168.56.10:8888/M00/00/00/wKg4C1tFmTWAFPKBAADdeFFxlXA240.png?token=2fd428c6acc14126239e3a7d7d1d872b&ts=153
  • 相关阅读:
    Linux下文件权限的设置
    JavaEE中一些缩写的含义
    Xcode7.1环境下上架iOS App到AppStore 流程 转
    iOS UILabel UITextView自适应文本,或文本大小自适应
    Xcode常用快捷键总结
    iOS9的新特性以及适配方案-----转载
    Python下读取转换unicode的json格式
    python pip 不能用报错: ImportError: No module named _internal
    Python获取二维数组的行列数
    Python作用域
  • 原文地址:https://www.cnblogs.com/xiaolinstudy/p/9341779.html
Copyright © 2011-2022 走看看