服务器防盗链
假设域名为www.localhost.com
1.apache配置httpd.conf
SetEnvIfNoCase Referer "^http://www.localhost.com/" local_ref=1 <FilesMatch ".(gif|jpg)"> Order Allow,Deny Allow from env=local_ref </FilesMatch>
2.apache配置.htaccess
RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www.)?localhost.com /.*$ [NC] RewriteRule .(gif|jpg)$ http://www.localhost.com/noAllowed.gif [R,L] #####设置非指定域名下的防盗链图片展示
3.nginx设置/usr/local/nginx/conf/nginx.conf这个文件,将如下代码匹配在server{ }段里面即可
location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; valid_referers www.locahost.com;
if ($invalid_referer) {
return 403;#禁止访问
#rewrite ^(.*)$ 403.jpg ###设置防盗链提示图片
} }
45.php设置
<?php //获取referer 浏览器打开的页面没有referer if(isset($_SERVER['HTTP_REFERER'])) { if(strpos($_SERVER['HTTP_REFERER'],"http://www.localhost.com/")==0) { ... } else {
header("Location:403.php");//跳转页面到warning.php
} } else header("Location:403.php"); ?>