How to build file anti-leeching service in Nginx

WBOY
Release: 2023-05-11 23:58:20
forward
1212 people have browsed it

Preface

Everyone knows that many websites now charge for downloading information. Whether it is points or gold coins, if you want to free it, you can only say that there are very few. So these websites How to prevent resource hotlinking?

Here is a relatively easy-to-use artifact. nginx itself provides secure_link to complete the anti-leeching function. It can add timestamps and check codes to server file links, thereby protecting server files from being downloaded and stolen.

Timing diagram

How to build file anti-leeching service in Nginx

nginx configuration

How to install nginx I won’t go into details here. Remember to turn it on when installing. ngx_http_secure_link_module is enough.

./configure --with-http_secure_link_module #编译nginx时加入
Copy after login

Installation completion detection:

nginx -v
Copy after login

If the following appears, the configuration is successful:

configure arguments: --with-http_secure_link_module --prefix=/usr/local /nginx --with-http_stub_status_module

Instance configuration

server {
   listen    80;
   server_name download.52itstyle.com;
   charset utf-8;
   location / {
     #这里配置了2个参数一个是md5,一个是expires
     secure_link $arg_md5,$arg_expires;
     #md5的哈希格式为 secret+url+expires,expires为时间戳单位s,url为请求地址
     secure_link_md5 52itstyle$uri$arg_e;
     #这里我们的md5是我们按照secure_link_md5的方式计算的哈希,secure_link会比对它计算的哈希值是否与我们的md5参数一致
     if ($secure_link = "") {
       #资源不存在或哈希比对失败
       return 402;
     }
     if ($secure_link = "0") {
       #失效超时
       return 405;
     }
     #重命名文件名
     add_header content-disposition "attachment;filename=$arg_f";
     alias /data/site/down.52itstyle.com/;
   }
   error_page  500 502 503 504 /50x.html;
   error_page  402 405 /40x.html;
   location = /50x.html {
     root  html;
   }
   location = /40x.html {
     root  html;
   }
}
Copy after login

Parameter details

secure_link

Syntax: secure_link expression;

Default value: None

Configuration section: http, server, location

expression is expired by the check value and It consists of time, in which the check value will be compared with the md5 hash value of the specified parameter in secure_link_md5.

If the two values ​​are inconsistent, the value of the $secure_link variable is empty; if the two values ​​are consistent, an expiration check is performed; if it has expired, the value of the $secure_link variable is 0; if it has not expired, it is 1 .

If the link is time-sensitive, then the expiration time is set with a timestamp, declared after the md5 hash value, separated by commas. If no expiration time is set, the link will be valid forever.

secure_link_md5

Syntax: secure_link_md5 expression;

Default value: None

Configuration section: http, server, location

expression specifies the parameters for calculating the md5 hash value. The md5 value will be compared and verified with the md5 value passed in the URL. Expression generally contains uri (for example, demo.com/s/link uri is /s/link) and encryption key secret. If the link is time-sensitive, expression needs to contain $secure_link_expires. Expression can also add client information, such as access IP, browser version information, etc.

java backend configuration

Case, for reference only:

import org.apache.commons.codec.binary.base64;
import org.apache.commons.codec.digest.digestutils;
/**
 * 生成加密連接
 */
public class securelink {
  private static string site = "https://down.52itstyle.com/";
  private static string secret = "52itstyle";
  public static string createlink(string path,string filename){
    string time = string.valueof((system.currenttimemillis() / 1000) + 300); // 5分钟有效
    string md5 = base64.encodebase64urlsafestring(digestutils.md5(secret + path + time));
    string url = site + path + "?md5=" + md5 + "&expires=" + time + "&f="+filename;
    return url;
  }
  public static void main(string[] args) {
    //https://down.52itstyle.com/2018101025689452.pdf?md5=fndyyfzcooi9q8sh1ffkxg&expires=1539847995&f=分布式秒杀架构.pdf
    system.out.println(createlink("2018101025689452.pdf","分布式秒杀架构.pdf"));
  }
}
Copy after login

The above is the detailed content of How to build file anti-leeching service in Nginx. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:yisu.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!