Shulou(Shulou.com)06/02 Report--

Experimental environment

A minimally installed CentOS 7.3virtual machine

Configuration: 1 Core / 512MB

Nginx version 1.12.2

First, configure the website of stealing links

1. Start a nginx virtual machine and configure two websites

Vim / etc/nginx/conf.d/vhosts.conf

Add the following

Server {listen 80; server_name site1.test.com; root/ var/wwwroot/site1; index index.html; location / {}} server {listen 80; server_name site2.test.com; root/ var/wwwroot/site2; index index.html; location / {}}

two。 Edit the C:\ Windows\ System32\ drivers\ etc\ hosts file in the host

192.168.204.11 site1.test.com

192.168.204.11 site2.test.com

3. Create a site root directory

Mkdir / var/wwwrootcd / var/wwwrootmkdir site1mkdir site2echo-e "site1

"> site1/index.htmlecho-e" site2

> > site2/index.html

4. Upload 1.jpg to the / var/wwwroot/site1 directory

5. Start the nginx service

Systemctl restart nginxnetstat-anpt | grep nginx

6. Firewall opens port 80

Setenforce 0firewall-cmd-zone=public-add-port=80/tcp-permanentfirewall-cmd-reload

7. Access at the host

Http://site1.test.com

Http://site2.test.com

2. Configure site1.test.com hotlink protection

1. Edit nginx profile

Server {listen 80; server_name site1.test.com; root/ var/wwwroot/site1; index index.html; location / {} location ~\. (jpg | png | gif | jpeg) ${valid_referers site1.test.com; if ($invalid_referer) {return 403;} server {listen 80; server_name site2.test.com; root/ var/wwwroot/site2; index index.html; location / {}}

two。 Restart the nginx service

Systemctl restart nginx

3. Access at the host

Clear browser cache and access http://site1.test.com

Clear browser cache and access http://site2.test.com

It can be seen that hotlink protection configuration plays a role.

Configure hotlink protection to return other resources

1. Edit nginx profile

Add a virtual host to rewrite the resources protected by hotlink protection

Server {listen 80; server_name site1.test.com; root/ var/wwwroot/site1; index index.html; location / {} location ~\. (jpg | png | gif | jpeg) ${valid_referers site1.test.com; if ($invalid_referer) {rewrite ^ / http://site3.test.com/notfound.jpg; # return 403;}} server {listen 80; server_name site2.test.com; root/ var/wwwroot/site2; index index.html; location / {} server {listen 80 Server_name site3.test.com; root/ var/wwwroot/site3; index index.html; location / {}}

explain

Location ~\. (jpg | png | gif | jpeg) ${} is the file type for hotlink protection, separated by vertical bar |.

Valid_referers site1.test.com * .nginx.org; is a whitelist separated by spaces. You can use * to set the pan-domain name.

If ($invalid_referer) {} will execute the content in {} in order to determine whether it conforms to the whitelist or not.

Rewrite ^ / http://site3.test.com/notfound.jpg; is a rewrite resource, if it does not match the whitelist, it will be rewritten to that address.

The status code returned by return 403; is 403.

two。 Establish the site3 root directory

Cd / var/wwwrootmkdir site3echo-e "site3

> > site3/index.html

3. Upload the notfound.jpg file to the / var/wwwroot/site3 directory

4. Restart the nginx service

Systemctl restart nginx

5. Edit the C:\ Windows\ System32\ drivers\ etc\ hosts file in the host

Increase mapping to site3.test.com

192.168.204.11 site1.test.com

192.168.204.11 site2.test.com

192.168.204.11 site3.test.com

6. Access http://site2.test.com at the host

You can see that the 1.jpg file of site1 embezzled in site2 is redirected to the notfound.jpg file on site3.

Summary

The above is the operation method of configuring Nginx hotlink protection introduced by the editor to you. I hope it will be helpful to you. If you have any questions, please leave me a message and the editor will reply you in time. Thank you very much for your support to the website!

If you think this article is helpful to you, you are welcome to reprint it, please indicate the source, thank you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.