nginx防盗链配置与负载均衡

location ~*^.+\.(gif|jpg|jpeg|png|swf|fiv|rar|zip|doc|pdf|gz|bz2|bmp|xls)$
{
valid_referers none blocked server_name *.taobao.com *.baidu.com *.google.com *.google.cn *.soso.com;
#以上网站不做防盗链设置

if ($invalid_referer){
rewrite ^/ http://www.baidu/403.html; return 403;
rewrite ^/http://www.baidu.com/nophoto.gif; #指定一个图片
}
}

访问控制（可用于负载均衡器对内网web服务器的访问）

server
{
listen 80;
server_name www.域名.com;
access_log /home/logs/bbs/access.log combined buffer=32k;
error_log /home/logs/bbs/error.log warn;
index index.html index.htm index.php;
root /usr/local/http;
allow 121.42.156.111; #允许这个ip访问
deny all; #除了allow项，deny所有的访问
}

nginx代理，负载均衡
主配置文件中修改
upstream bbs.非域名.com{
server 1.1.1.1:8080;
server 1.1.1.2:8080;
.....#上面是代理的内网web服务器ip
}

server {
listen 80;
server_name baidu.com; #用于访问的域名
proxy_pass bbs.非域名.com;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
access_log /home/logs/bbs.access combined;
}