Nginx配置防盜鏈
進入Nginx配置文件:
[root@LHQ vhosts]# vim test.conf
server
{
listen 80;
server_name www.test.com www.aaa.com www.bbb.com;
if ($host != 'www.test.com')
{
rewrite ^/(.*)$ http://www.test.com/$1 permanent;
}
index index.html index.htm index.php;
root /data/www;
access_log /tmp/access.log qiangzi;
location ~ .*admin\.php$ {
auth_basic "aminglinux auth";
auth_basic_usre_file /usr/local/nginx/conf/.htpasswd;
include fastcgi_params;
fastcgi_pass unix:/tmp/www.sock;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name;
}
location ~.*\.(gif|jpg|jpeg|png|bmp|swf|flv|rar|zip|gz|bz2)$
{
access_log off;
expires 15d;
valid_referers none blocked *.test.com *.aaa.com; (可用的referer)
if ($invalid_referer) (if:是如果的意思;valid_referers反義詞invalid_referer)
{
return 403;
}
}
localtion ~\(js|css)
{
access_log off;
expires 2h;
}
location ~(static|cache)
{
access_log off;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/tmp/www.sock;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name;
}
}
保存退出
查看文件是否有錯:
[root@LHQ vhosts]# /usr/local/nginx/sbin/nginx -t
[root@LHQ vhosts]# /usr/local/nginx/sbin/nginx -s reload (重新加載)
[root@LHQ vhosts]# curl -e "http://www.baidu.com/1111" -I -x127.0.0.1:80 '要做防盜鏈的網站圖片地址'
(選項:-e指定referer;百度的referer不是真實存在的,只爲做防盜鏈測試,如果是403則防盜鏈設置成功)