Examples of anti-hotlinking configuration methods for Nginx and Apache

  • 2020-05-09 19:55:13
  • OfStack

To implement anti-hotlinking, we first need to understand how hotlinking is detected, and that starts with the HTTP protocol. HTTP defines a header field called Referer, which uses URL format to indicate the page from which the current page or file was linked. In other words, with Referer a website can detect the source page from which the target page was requested and, for a resource file, trace it to the page where it is displayed. With Referer, tracking the source is easy, and the request can then be handled by technical means: once the detected source is not this site, the request is blocked or sent to a specified page.

Nginx anti-hotlinking configuration

1. Anti-hotlinking configuration method of nginx for file types:


location ~* \.(gif|jpg|png|swf|flv|bmp)$ {
    # Accept requests with no Referer, a stripped Referer, or a Referer naming our own hosts
    valid_referers none blocked *.ofstack.com ofstack.com;
    if ($invalid_referer) {
        #rewrite ^/ http://www.ofstack.com/403.html;
        return 403;
    }
}

This configuration is added in the server or location section. In the valid_referers directive, none refers to an empty source, that is, direct access with no Referer header, such as opening a file directly in the browser; blocked refers to a Referer header whose value has been removed by a firewall or proxy; *.ofstack.com refers to all subdomains.

2. Anti-hotlinking configuration method of nginx for file directory:

location /img/ {
    root /data/img/;
    valid_referers none blocked *.ofstack.com ofstack.com;
    if ($invalid_referer) {
        # Send hotlinked requests to a placeholder image with an absolute URL
        rewrite ^/ http://www.ofstack.com/error.gif;
        #return 403;
    }
}

Apache anti-hotlinking configuration

The first way to implement anti-hotlinking in Apache is with Rewrite. First make sure Apache's rewrite module is available: if you can control Apache's httpd.conf file, open httpd.conf and make sure it contains this line:


LoadModule rewrite_module modules/mod_rewrite.so

Then in the corresponding virtual host configuration, add the following code:

ServerName www.ofstack.com
# Anti-hotlinking configuration parameters
RewriteEngine On
# Skip the placeholder image itself so the redirect below cannot loop
RewriteCond %{REQUEST_URI} !/img/nolink\.gif$ [NC]
RewriteCond %{HTTP_REFERER} !^http://ofstack.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://ofstack.com$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.ofstack.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.ofstack.com$ [NC]
RewriteRule .*\.(gif|jpg|swf)$ http://www.ofstack.com/img/nolink.gif [R,NC]

ofstack.com and www.ofstack.com are the trusted sites. gif|jpg|swf lists the extensions of the files to protect (separated by |). nolink.gif is the image that hotlinked requests are redirected to. This image should be as small as possible and can carry a warning message.

Some users are on a virtual host and do not have the control over the server needed to modify the httpd.conf file and restart the server. In that case, confirm that your virtual host supports .htaccess, write the above configuration to a .htaccess file, and put it into the root directory or the directory where the images are located:

# Anti-hotlinking configuration
RewriteEngine On
# Skip the placeholder image itself so the redirect below cannot loop
RewriteCond %{REQUEST_URI} !/img/nolink\.gif$ [NC]
RewriteCond %{HTTP_REFERER} !^http://ofstack.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://ofstack.com$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.ofstack.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.ofstack.com$ [NC]
RewriteRule .*\.(gif|jpg|swf)$ http://www.ofstack.com/img/nolink.gif [R,NC]

By checking the value of the Referer variable, the server decides whether a reference to an image or other resource is legitimate: the specified resource can be accessed only when the Referer is within the configured range, which achieves the purpose of anti-hotlinking (anti-leech). It is important to note that not all user agents (browsers) set the Referer variable, and some allow the Referer to be modified manually, that is, the Referer can be counterfeited. What this article describes is only a simple means of protection. Of course, it is enough for dealing with ordinary hotlinking.
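The decision made by the valid_referers line in the nginx examples can be tried against sample Referer values before deploying it. The following is an added example, not code from the original article or from nginx: a simplified Python model of that directive, with hypothetical function names and constructed sample values.

```python
from typing import Optional
from urllib.parse import urlsplit

# Mirrors the article's line: valid_referers none blocked *.ofstack.com ofstack.com;
ALLOW_NONE = True
ALLOW_BLOCKED = True
SERVER_NAMES = ("*.ofstack.com", "ofstack.com")


def host_matches(host: str, pattern: str) -> bool:
    """Exact name, or a leading '*.' wildcard that covers subdomains only."""
    host, pattern = host.lower(), pattern.lower()
    if pattern.startswith("*."):
        suffix = pattern[1:]                      # ".ofstack.com"
        return host.endswith(suffix) and len(host) > len(suffix)
    return host == pattern


def invalid_referer(referer: Optional[str]) -> bool:
    """True when the request would be refused (models $invalid_referer)."""
    if referer is None:                           # header absent: "none"
        return not ALLOW_NONE
    if not referer.lower().startswith(("http://", "https://")):
        return not ALLOW_BLOCKED                  # value stripped in transit: "blocked"
    try:
        host = urlsplit(referer).hostname or ""   # .hostname drops any port
    except ValueError:                            # malformed authority part
        host = ""
    return not any(host_matches(host, p) for p in SERVER_NAMES)


# Constructed sample values, not taken from any real log.
SAMPLES = [
    None,                                         # direct access, no header
    "-",                                          # header present, value stripped
    "https://www.ofstack.com/article/1.html",     # own subdomain
    "http://ofstack.com:8080/",                   # own host, port ignored
    "http://ofstack.com.example.net/page",        # trusted name used as a prefix
    "http://notofstack.com/",                     # trusted name used as a suffix
    "http://other.example/gallery",               # unrelated site
]

if __name__ == "__main__":
    # The verdict depends only on the header value the client chose to send.
    for value in SAMPLES:
        print(f"{value!r:45} {'403' if invalid_referer(value) else 'served'}")
```

The first four samples are served and the last three are refused, which shows that the match is made on the whole host name and not on a substring of the URL.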

