valid_referers 指令详解
该指令后面可以接 none blocked serevr_names string或者是正则表达式
none 代表没有referer
blocked 代表有referer但是被防火墙或者是代理给去除了
string或者正在表达式 用来匹配referer
nginx会通过查看referer字段和valid_referers后面的referer列表进行匹配,如果匹配到了就invalid_referer字段值为0 否则设置该值为1
现我为公司写出了实现这一功能的代码
valid_referers none blocked server_names;
if ($invalid_referer) {
rewrite ^/ http://********.com/ redirect;
}
如图片防止盗链:
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
valid_referers none blocked www.17zhigou.com 17zhigou.com;
if ($invalid_referer){
//防止盗链
rewrite ^/ http://www.17zhigou.com/404.html;
#return 403;
}
expires 15d;
}
第一行:gif|jpg|jpeg|png|bmp|swf 表示对gif、jpg、png、bmp、swf、flv后缀的文件实行防盗链
第二行: 表示对www.myhack58.com myhack58.com这2个来路进行判断
如果invalid_referer 为真,就跳转到 http://www.17zhigou.com/404.html
图片目录防止盗链:
location /images/
{
//真实路径
alias /usr/soft/nginx/images/;
valid_referers none blocked server_names *.17zhigou.com 17zhigou.com;
if ($invalid_referer)
{
return 403;
}
}