Shulou(Shulou.com)06/01 Report--

This article mainly explains "how to use apache anti-theft company", the content of the article is simple and clear, easy to learn and understand, now please follow the editor's ideas slowly in depth, together to study and learn "how to use apache anti-theft company" bar!

Hotlink protection principle: the http standard protocol has a special field to record what the last inbound address of referer is, and for resource files, it can be traced to what the web address that shows it is. Therefore, all hotlink protection methods are based on this Referer field. One is to use the apache file FileMatch restriction, add it in httpd.conf (in fact, you can also save the following statement as an .htaccess file), and put it in the root directory of your website (that is, the www/html directory). In this way, there is no way for others to steal your things.

SetEnvIfNoCase Referer "^ http://aabbcc.com/" local_ref=1

Order Allow,Deny

Allow from env=local_ref

Allow from 127.0.0.1

The second is to use rewrite, need to add apache mode_rewrite, support .htaccess file directory permissions limited to the virtual host root directory to add .htaccess files, description from the direction, the non-local address refer image files are directed to warning pictures or warning web pages. First of all, make sure that the server interpretation engine of your server or space is Apache2, and supports .htaccess client settings files. If you have your own server, please first make the following changes to the. / conf/httpd.conf file: # LoadModule rewrite_module modules/mod_rewrite.so, throw the previous # to find, wait for an AllowOverride None to change to AllowOverride All, restart the Apache2 server, and then do an. Htaccess file with the content of. Htaccess file

RewriteEngine on

RewriteCond% {HTTP_REFERER}! ^ http://aabbcc.com/.*$[NC]

RewriteCond% {HTTP_REFERER}! ^ http://aabbcc.com$ [NC]

RewriteCond% {HTTP_REFERER}! ^ http://www.aabbcc.com/.*$[NC]

RewriteCond% {HTTP_REFERER}! ^ http://www.aabbcc$ [NC]

RewriteRule. *. (jpg | jpeg | gif | png | bmp | rar | zip | exe) $http://www.aabbcc.com/err.html [RMagneNC]

There is a third:

I found a problem when I was solving the problem of banning hotlinks in plog, which is also a good way.

Plog manages all resources by itself and displays them dynamically with resserver.php, so that a unified entry is easy to add permissions to operate.

At the same time, the above two methods cannot be used, because apache no longer accesses the resource file directly, but php reads through the file.

So you can only tamper with the code: before reading the output of the resource file, add the following judgment code reference

$referer = $_ SERVER ['HTTP_REFERER']

$selfurl = $_ SERVER ['HTTP_HOST']

If (false = = strpos ($referer,$selfurl))

{

Echo 'illegal chain theft!'

Exit (1)

}

Thank you for your reading, the above is the content of "how to use apache anti-theft company". After the study of this article, I believe you have a deeper understanding of how to use apache anti-theft company, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.