LNMP搭建11:Nginx配置防盗链
2017-02-25 13:03
351 查看
我们网站上的资源如果没有设置防盗链,那么其他人可以通过资源链接盗用我们的资源,占用我们的带宽,影响我们网站对合法用户的服务质量。举个例子,假如我们网站上有一张图片,如下图所示:
复制图片地址,可以直接在浏览器中搜到我们的图片,也可以在其他地方通过该图片地址引用或下载该图片。
为了不让别人盗用我们的资源,我们可以在服务器上设置防盗链。
编辑虚拟主机配置文件
[root@cp1 vhosts]# vim test.conf
添加指定类型文件的防盗链
没错误重新加载配置文件
[root@cp1 vhosts]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@cp1 vhosts]# /usr/local/nginx/sbin/nginx -s reload
使用curl测试,看看百度能不能引用我们的图片
[root@cp1 vhosts]# curl -e "http://www.baidu.com" -I -x127.0.0.1:80 'http://www.test.com/data/attachment/forum/201702/24/020448ytywyltbbzatdgdo.jpg'
HTTP/1.1 403 Forbidden
Server: nginx/1.6.2
Date: Thu, 23 Feb 2017 18:24:47 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
正常情况下是可以访问的
[root@cp1 vhosts]# curl -I -x127.0.0.1:80 'http://www.test.com/data/attachment/forum/201702/24/020448ytywyltbbzatdgdo.jpg'
HTTP/1.1 200 OK
Server: nginx/1.6.2
Date: Thu, 23 Feb 2017 18:22:34 GMT
Content-Type: image/jpeg
Content-Length: 188486
Last-Modified: Thu, 23 Feb 2017 18:04:49 GMT
Connection: keep-alive
ETag: "58af2441-2e046"
Expires: Fri, 10 Mar 2017 18:22:34 GMT
Cache-Control: max-age=1296000
Accept-Ranges: bytes
指定的白名单能访问我们的图片
[root@cp1 vhosts]# curl -e "http://www.test.com" -I -x127.0.0.1:80 'http://www.test.com/data/attachment/forum/201702/24/020448ytywyltbbzatdgdo.jpg'
HTTP/1.1 200 OK
Server: nginx/1.6.2
Date: Thu, 23 Feb 2017 18:25:24 GMT
Content-Type: image/jpeg
Content-Length: 188486
Last-Modified: Thu, 23 Feb 2017 18:04:49 GMT
Connection: keep-alive
ETag: "58af2441-2e046"
Expires: Fri, 10 Mar 2017 18:25:24 GMT
Cache-Control: max-age=1296000
Accept-Ranges: bytes
[root@cp1 vhosts]# curl -e "http://www.aaa.com" -I -x127.0.0.1:80 'http://www.test.com/data/attachment/forum/201702/24/020448ytywyltbbzatdgdo.jpg'
HTTP/1.1 200 OK
Server: nginx/1.6.2
Date: Thu, 23 Feb 2017 18:25:32 GMT
Content-Type: image/jpeg
Content-Length: 188486
Last-Modified: Thu, 23 Feb 2017 18:04:49 GMT
Connection: keep-alive
ETag: "58af2441-2e046"
Expires: Fri, 10 Mar 2017 18:25:32 GMT
Cache-Control: max-age=1296000
Accept-Ranges: bytes
其他不能访问我们的图片
[root@cp1 vhosts]# curl -e "http://www.google.com" -I -x127.0.0.1:80 'http://www.test.com/data/attachment/forum/201702/24/020448ytywyltbbzatdgdo.jpg'
HTTP/1.1 403 Forbidden
Server: nginx/1.6.2
Date: Thu, 23 Feb 2017 18:24:24 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
复制图片地址,可以直接在浏览器中搜到我们的图片,也可以在其他地方通过该图片地址引用或下载该图片。
为了不让别人盗用我们的资源,我们可以在服务器上设置防盗链。
编辑虚拟主机配置文件
[root@cp1 vhosts]# vim test.conf
添加指定类型文件的防盗链
没错误重新加载配置文件
[root@cp1 vhosts]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@cp1 vhosts]# /usr/local/nginx/sbin/nginx -s reload
使用curl测试,看看百度能不能引用我们的图片
[root@cp1 vhosts]# curl -e "http://www.baidu.com" -I -x127.0.0.1:80 'http://www.test.com/data/attachment/forum/201702/24/020448ytywyltbbzatdgdo.jpg'
HTTP/1.1 403 Forbidden
Server: nginx/1.6.2
Date: Thu, 23 Feb 2017 18:24:47 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
正常情况下是可以访问的
[root@cp1 vhosts]# curl -I -x127.0.0.1:80 'http://www.test.com/data/attachment/forum/201702/24/020448ytywyltbbzatdgdo.jpg'
HTTP/1.1 200 OK
Server: nginx/1.6.2
Date: Thu, 23 Feb 2017 18:22:34 GMT
Content-Type: image/jpeg
Content-Length: 188486
Last-Modified: Thu, 23 Feb 2017 18:04:49 GMT
Connection: keep-alive
ETag: "58af2441-2e046"
Expires: Fri, 10 Mar 2017 18:22:34 GMT
Cache-Control: max-age=1296000
Accept-Ranges: bytes
指定的白名单能访问我们的图片
[root@cp1 vhosts]# curl -e "http://www.test.com" -I -x127.0.0.1:80 'http://www.test.com/data/attachment/forum/201702/24/020448ytywyltbbzatdgdo.jpg'
HTTP/1.1 200 OK
Server: nginx/1.6.2
Date: Thu, 23 Feb 2017 18:25:24 GMT
Content-Type: image/jpeg
Content-Length: 188486
Last-Modified: Thu, 23 Feb 2017 18:04:49 GMT
Connection: keep-alive
ETag: "58af2441-2e046"
Expires: Fri, 10 Mar 2017 18:25:24 GMT
Cache-Control: max-age=1296000
Accept-Ranges: bytes
[root@cp1 vhosts]# curl -e "http://www.aaa.com" -I -x127.0.0.1:80 'http://www.test.com/data/attachment/forum/201702/24/020448ytywyltbbzatdgdo.jpg'
HTTP/1.1 200 OK
Server: nginx/1.6.2
Date: Thu, 23 Feb 2017 18:25:32 GMT
Content-Type: image/jpeg
Content-Length: 188486
Last-Modified: Thu, 23 Feb 2017 18:04:49 GMT
Connection: keep-alive
ETag: "58af2441-2e046"
Expires: Fri, 10 Mar 2017 18:25:32 GMT
Cache-Control: max-age=1296000
Accept-Ranges: bytes
其他不能访问我们的图片
[root@cp1 vhosts]# curl -e "http://www.google.com" -I -x127.0.0.1:80 'http://www.test.com/data/attachment/forum/201702/24/020448ytywyltbbzatdgdo.jpg'
HTTP/1.1 403 Forbidden
Server: nginx/1.6.2
Date: Thu, 23 Feb 2017 18:24:24 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
相关文章推荐
- Linux Debian 下LNMP服务器——nginx+mysql+php环境搭建及配置
- LNMP搭建4:Nginx启动脚本和配置文件
- LNMP第二部分nginx、php配置(用户认证、域名重定向、日志、配置缓存、防盗链) 推荐
- 【LNMP】Nginx防盗链、Nginx访问控制、Nginx解析php相关配置和Nginx代理
- LNMP架构 (4) 之 Nginx的防盗链、访问控制、解析php相关配置
- LNMP - nginx配置防盗链
- LNMP架构(四)Nginx防盗链-访问配置-解析PHP配置
- LNMP环境搭建:Nginx安装、测试与域名配置
- 搭建LNMP(linux+nginx+mysql+php)服务器环境配置实例教程
- LNMP - Nginx配置防盗链
- Ubuntu系统下lnmp环境搭建和Nginx多站点配置
- LNMP框架的搭建(nginx的安装与配置)
- LNMP(nginx防盗链,访问控制,解析php相关配置,Nginx代理,常见502问题)
- LNMP环境搭建:Nginx安装、测试与域名配置
- LNMP搭建10:Nginx配置静态文件过期时间
- LNMP--Nginx配置防盗链
- 配置nginx支持php yum搭建lnmp环境(CentOS6)
- CentOS 7 配置 Nginx + php + mysql 搭建 lnmp 环境过程全纪录
- Ubuntu 搭建LNMP环境图文教程 配置nginx支持PHP
- centos下 nginx+resin搭建配置 nginx配置 resin配置