Nginx配置防盗链

Nginx配置防盗链

进入Nginx配置文件：

[root@LHQ vhosts]# vim test.conf

server

{

listen 80;

server_name www.test.com www.aaa.com www.bbb.com;

if ($host != 'www.test.com')

{

rewrite ^/(.*)$ http://www.test.com/$1 permanent;

}

index index.html index.htm index.php;

root /data/www;

access_log /tmp/access.log qiangzi;

location ~ .*admin\.php$ {

auth_basic "aminglinux auth";

auth_basic_usre_file /usr/local/nginx/conf/.htpasswd;

include fastcgi_params;

fastcgi_pass unix:/tmp/www.sock;

#fastcgi_pass 127.0.0.1:9000;

fastcgi_index index.php;

fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name;

}

location ~.*\.(gif|jpg|jpeg|png|bmp|swf|flv|rar|zip|gz|bz2)$

{

access_log off;

expires 15d;

valid_referers none blocked *.test.com *.aaa.com; （可用的referer）

       if ($invalid_referer)  （if：是如果的意思；valid_referers反义词invalid_referer）

       {

           return 403;

       }

}

localtion ~\(js|css)

{

access_log off;

expires 2h;

}

location ~(static|cache)

{

access_log off;

}

location ~ \.php$ {

include fastcgi_params;

fastcgi_pass unix:/tmp/www.sock;

#fastcgi_pass 127.0.0.1:9000;

fastcgi_index index.php;

fastcgi_param SCRIPT_FILENAME /data/www$fastcgi_script_name;

}

}

保存退出

查看文件是否有错：

[root@LHQ vhosts]# /usr/local/nginx/sbin/nginx -t

[root@LHQ vhosts]# /usr/local/nginx/sbin/nginx -s reload  （重新加载）

[root@LHQ vhosts]# curl -e "http://www.baidu.com/1111" -I -x127.0.0.1:80 '要做防盗链的网站图片地址'

(选项：-e指定referer;百度的referer不是真实存在的,只为做防盗链测试，如果是403则防盗链设置成功)