
Apache web page security optimization: setting hotlink protection and hiding version information

2025-02-28 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)06/03 Report--

Hotlink protection

Many sites embed links to resources hosted on other websites and show them to their own visitors, which increases their own traffic while most visitors never notice where the content comes from. Some sites routinely hotlink other websites' resources to expand their own content without adding cost. On the one hand, this harms the legitimate interests of the original website; on the other hand, it increases the load on the original site's server.

Experimental environment

CentOS source host IP address: 192.168.100.10

Domain name: www.benet.com

CentOS hotlinking website (Windows 7 client) IP address: 192.168.100.3

CentOS source host: Linux 6.5

Yum repository has been set up

Shared folder mounted on the Linux 6.5 system

Packet capture tool: Fiddler

Packet capture software link: https://pan.baidu.com/s/1M7Fz7yBP1Dij4aYTPWOVpQ password: 4upr

Experimental goal

1. Hotlink protection is successfully set

2. Hide version information

Experimental procedure

First, set up hotlink protection

1. Install the basic Apache web service, see https://blog.51cto.com/13760351/2158118 for details

2. Copy a picture

[root@localhost htdocs]# ls

110.jpg index.html

3. Modify index.html web page file

[root@localhost htdocs]# vim index.html

4. Visit the web page to view

5. Modify the web page file on the Windows 7 client and add a link that hotlinks the picture

This is test!

6. Visit and view

7. Hotlink protection configuration

(1) First compile and install Apache from the source package. For details, see https://blog.51cto.com/13760351/2158556.

Before compiling and installing, remove the httpd that comes with the system:

yum -y remove httpd

(2) modify the configuration

# --prefix specifies the httpd installation directory
# --enable-deflate adds mod_deflate; --enable-rewrite adds mod_rewrite, which the hotlink rules need
./configure \
--prefix=/usr/local/httpd \
--enable-deflate \
--enable-so \
--enable-rewrite \
--enable-charset-lite \
--enable-cgi

(3) Enable the mod_rewrite configuration

vim /etc/httpd.conf

Options Indexes FollowSymLinks
AllowOverride None
Require all granted
# Insert the mod_rewrite rules below "Require all granted"
RewriteEngine On
# Consecutive conditions are ANDed: the rule fires only when the Referer matches none of the site's own URLs
RewriteCond %{HTTP_REFERER} !^http://benet.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://benet.com$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.benet.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.benet.com/$ [NC]
# error.png is not gif/jpg/swf, so the replacement image itself is not rewritten again
RewriteRule .*\.(gif|jpg|swf)$ http://www.benet.com/error.png

(4) verify httpd.conf syntax

[root@localhost conf]# apachectl -t

Syntax OK    # the syntax is correct

(5) Check whether the module is installed

[root@localhost conf]# ./apachectl -t -D DUMP_MODULES | grep "rewrite"

8. Add the hotlink protection picture

9. Verification
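The decision these rewrite rules make can be checked offline before testing in a browser. The following is an added example, not part of the original article: a small Python model of the four RewriteCond lines and the RewriteRule, run over constructed Referer values. The function name `decide` and the sample requests are assumptions made for illustration.

```python
import re

# The four RewriteCond patterns from the configuration above; [NC] = case-insensitive.
ALLOWED_REFERERS = [
    r"^http://benet.com/.*$",
    r"^http://benet.com$",
    r"^http://www.benet.com/.*$",
    r"^http://www.benet.com/$",
]
# The RewriteRule pattern and its substitution target.
PROTECTED = re.compile(r".*\.(gif|jpg|swf)$")
SUBSTITUTION = "http://www.benet.com/error.png"


def decide(path, referer=""):
    """Return the target the rule rewrites the request to, or None if the file is served.

    A missing Referer header is evaluated as an empty string, as in mod_rewrite.
    """
    if not PROTECTED.search(path):
        return None  # not gif/jpg/swf (error.png included), so no rewrite loop
    # Consecutive RewriteCond lines are ANDed: every negated pattern must fail to match.
    if all(not re.search(p, referer, re.IGNORECASE) for p in ALLOWED_REFERERS):
        return SUBSTITUTION
    return None


# Constructed requests: (path, Referer) pairs, not captured traffic.
SAMPLES = [
    ("110.jpg", "http://www.benet.com/index.html"),    # the site's own page
    ("110.jpg", "http://WWW.BENET.COM/"),              # [NC] ignores case
    ("110.jpg", "http://192.168.100.3/index.html"),    # hotlinking page from the lab
    ("110.jpg", ""),                                   # direct visit, no Referer
    ("110.jpg", "https://www.benet.com/index.html"),   # same site over HTTPS
    ("error.png", "http://192.168.100.3/index.html"),  # the replacement image itself
]

if __name__ == "__main__":
    for path, referer in SAMPLES:
        result = decide(path, referer) or "served"
        print(f"{path:10} {referer or '(none)':36} -> {result}")
```

With the rules as written, a request with no Referer and a request from the site's own pages over HTTPS both receive error.png; a commonly used extra condition, `RewriteCond %{HTTP_REFERER} !^$`, lets requests without a Referer through. The Referer header is supplied by the client, so these rules limit casual hotlinking and bandwidth use rather than acting as access control.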

Why hide version information:

In general, software vulnerabilities are tied to specific versions. If someone uses packet capture software to obtain the Apache version information, they can use it to break in and cause great losses to the website, so we should hide the version number to reduce the risk and protect the server.

Second, hide version information

1. Use the packet capture software to view the version information

2. Modify the httpd.conf configuration file

[root@localhost conf]# vim httpd.conf

Remove the leading # from the following line to enable it:

Include conf/extra/httpd-default.conf

3. Modify the httpd-default.conf file

# change Full to Prod
ServerTokens Prod

# change On to Off
ServerSignature Off

4. Restart Apache, then capture the traffic again and check the result.

[root@localhost conf]# service httpd restart
