标签:
1 [root@web01 www]# cat /app/server/nginx/conf/vhosts/default.conf 2 server { 3 listen 80 default_server; 4 server_name 192.168.1.24 web01.espressos.cn; 5 root /app/www; 6 index index.php index.html index.htm; 7 location ~* \.(gif|jpg|png|swf|flv)$ { #对gif,jpg,png,swf,flv后缀的文件实行防盗链 8 valid_referers none blocked 192.168.1.24 web01.espressos.cn; #对192.168.1.24 web01.espressos.cn这两个来路进行判断(主要是根椐http协议里的referer) 9 if ($invalid_referer) { #if{}里面内容的意思是,如果来路不是指定来路就跳转到错误页面,当然直接返回403也是可以的。 10 rewrite ^/ http://192.168.1.24/403.html; 11 #return 404; 12 } 13 } 14 location ~ .*\.(php|php5)?$ 15 { 16 #fastcgi_pass unix:/tmp/php-cgi.sock; 17 fastcgi_pass 127.0.0.1:9000; 18 fastcgi_index index.php; 19 include fastcgi.conf; 20 } 21 access_log /app/log/nginx/access/default.log; 22 }
验证代码:
[root@web01 www]# cat q.html <html> <body><img alt="http://192.168.1.24/cat.png" src="http://192.168.1.24/cat.png" height="auto" width="auto"></body> </html> [root@web01 www]#
另一台WEB服务器盗用WEB01的图片(配置如下):
[root@lmr default]# cat /app/server/nginx/conf/vhosts/default.conf server { listen 80; server_name localhost; index index.html index.htm index.php; root /app/www/default; location ~ .*\.(php|php5)?$ { #fastcgi_pass unix:/tmp/php-cgi.sock; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi.conf; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; } location ~ .*\.(js|css)?$ { expires 1h; } include /app/server/nginx/conf/rewrite/default.conf; access_log /app/log/nginx/access/default.log; }
验证:
[root@lmr default]# pwd /app/www/default [root@lmr default]# cat q.html <html> <body><img alt="http://192.168.1.24/cat.png" src="http://192.168.1.24/cat.png" height="auto" width="auto"></body> </html> [root@lmr default]#
防盗成功!!!
把web01上的防盗代码注释掉:
[root@web01 www]# cat /app/server/nginx/conf/vhosts/default.conf server { listen 80 default_server; server_name 192.168.1.24 web01.espressos.cn; root /app/www; index index.php index.html index.htm; #location ~* \.(gif|jpg|png|swf|flv)$ { #valid_referers none blocked 192.168.1.24 web01.espressos.cn; #if ($invalid_referer) { # rewrite ^/ http://192.168.1.24/403.html; # return 404; # } #} location ~ .*\.(php|php5)?$ { #fastcgi_pass unix:/tmp/php-cgi.sock; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi.conf; } access_log /app/log/nginx/access/default.log; } [root@web01 www]# /app/server/nginx/sbin/nginx -s reload
重新测式盗连图片的服务器,盗图是否成功:
图片盗连成功!!
标签:
原文地址:http://www.cnblogs.com/bass6/p/5733916.html
