LNMP-Nginx防盗链

一、配置

 

1：编写conf文件

[root@host ~]# vim /usr/local/nginx/conf/vhosts/test.conf

说明：valid_referers none blocked *.test.com这段表示将test.com加入白名单

if($invalid_referer）

 

{

     return 403;

   }

上面这段表示其它域名让其返回403页面

 

加入以下内容 

location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls)$

{

expires 7d;

valid_referers none blocked server_names *.test.com ;

if ($invalid_referer) {

return 403;

}

access_log off;

}

 

 

 

二、测试

 

1：crul加-e选项，指定白名单外的baidu.com访问图片的url测试

[root@host ~]# curl -e "http://www.baidu.com/1.txt"  -x127.0.0.1:80 -I test.com/2.jpg

HTTP/1.1 403 Forbidden

Server: nginx/1.6.2

Date: Wed, 21 Jun 2017 07:04:08 GMT

Content-Type: text/html

Content-Length: 168

Connection: keep-alive

显示403状态码说明防盗链成功

 

2：用白名单内的test.com访问测定

[root@host ~]# curl -e "http://www.test.com/111" -x127.0.0.1:80 -I test.com/2.jpg

HTTP/1.1 200 OK

Server: nginx/1.6.2

Date: Wed, 21 Jun 2017 07:05:25 GMT

Content-Type: image/gif

Content-Length: 327

Last-Modified: Tue, 31 May 2016 03:08:36 GMT

Connection: keep-alive

ETag: "574d0034-147"

Expires: Thu, 06 Jul 2017 07:05:25 GMT

Cache-Control: max-age=1296000

Accept-Ranges: bytes

显示200状态码