apache 防盗链
apache 配置防盗链
防止其他网站引用图片资源等
方法1
- 通过限制referer来实现防盗链的功能
- vim /usr/local/apache2.4/conf/extra/httpd_vhosts.conf
<Directory /data/www/test01>
SetEnvIfNoCase Referer "http://www.test01.com" local_ref
SetEnvIfNoCase Referer "http://test01.com" local_ref
SetEnvIfNoCase Referer "^$" local_ref
<filesmatch "\.(txt|doc|mp3|zip|rar|jpg|gif)">
Order Allow,Deny
Allow from env=local_ref
</filesmatch>
</Directory>
- curl -e “http://test02.com“ -x192.168.31.20:80 www.test01.com #自定义referer
方法2
-
编辑httpd-vhosts.conf,利用转发功能 选项去防盗链
-
referer 前一个访问链接,(从哪个网站来访问的)
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_REFERER} !http://www.test01.com.*$ [NC] #本机访问不进行转发,原样查找
RewriteCond %{HTTP_REFERER} !^$ [NC] #referer 为空也是不进行转发,原样查找(referer 为空,就是直接访问这个服务器而不是通过其他网站链接上来)
#RewriteCond expr "! %{HTTP_REFERER} -strmatch 'http://test01.com/.*$'" [NC]
RewriteRule .*\.jpg https://www.baidu.com [R=301,NC]
</IfModule>
- curl 测试 -e http://www.test01.com/ #设置referer 网址
[root@xujb01 conf]# curl -x192.168.31.20:80 http://test01.com/sm.jpg -I
HTTP/1.1 200 OK
Date: Tue, 26 Dec 2017 11:50:02 GMT
Server: Apache/2.4.26 (Unix) PHP/5.6.30
Last-Modified: Tue, 26 Dec 2017 11:49:57 GMT
ETag: "ce875-5613ce1c8e9aa"
Accept-Ranges: bytes
Content-Length: 845941
MyHeader: hello world
Content-Type: image/jpeg
---------------------------------------------------------------
[root@xujb01 conf]# curl -x192.168.31.20:80 -e http://www.test01.com/ http://test01.com/sm.jpg -I
HTTP/1.1 200 OK
Date: Tue, 26 Dec 2017 11:51:40 GMT
Server: Apache/2.4.26 (Unix) PHP/5.6.30
Last-Modified: Tue, 26 Dec 2017 11:49:57 GMT
ETag: "ce875-5613ce1c8e9aa"
Accept-Ranges: bytes
Content-Length: 845941
MyHeader: hello world
Content-Type: image/jpeg
-------------------------------------------------------------------
[root@xujb01 conf]# curl -x192.168.31.20:80 -e http://www.xx.com/ http://test01.com/sm.jpg -I
HTTP/1.1 301 Moved Permanently
Date: Tue, 26 Dec 2017 11:40:26 GMT
Server: Apache/2.4.26 (Unix) PHP/5.6.30
Location: https://www.baidu.com
Content-Type: text/html; charset=iso-8859-1