Community
Learn
Tools Library
AI Tools
Leisure
search
English
Home Operation and Maintenance Nginx How to set up Referer in Nginx to prevent image theft

How to set up Referer in Nginx to prevent image theft

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB
WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB
May 12, 2023 pm 06:52 PM
nginx referer

If the server's pictures are hotlinked by other websites, it will affect the server's bandwidth and access speed. At this time, we need to set the anti-hotlinking function of the image file or video file;

Anti-hotlinking function, simple That is to say, you can directly access the resource, but you cannot put my resource link on your own server for others to access, especially large files such as pictures or videos, which can easily cause the server to respond slowly.

If it were not a picture bed, I would be really afraid that other websites would directly use the pictures from this site. This kind of traffic is likely to be wiped out all at once. After all, CDNs are bought with free money. Therefore, it is better to set up an anti-hot link, nginx can complete this function.

Generally speaking, browsers that comply with the http protocol will bring the URL of the current website when accessing website B from website a to indicate where the click originated. Therefore, this module of nginx also relies on this to be implemented. Therefore, if the hacker does not add this header, he still cannot enjoy the anti-theft picture.

nginx official website documentation is as follows:

syntax: valid_referers none | blocked | server_names | string ...;
default: —
context: server, location

#nginx referer directive introduction

nginx module ngx_http_referer_module is usually used to block domain name requests from illegal sources. We should keep in mind that camouflaging the referer header It is a very simple thing, so this module can only be used to prevent most illegal requests. We should remember that some legitimate requests will not carry the referer source header, so sometimes do not reject the source header (referer) as Empty request.

Therefore, we can add code in the server or location block. I saved it as valid_referers.conf:

valid_referers none blocked server_names;

if ($invalid_referer) {
 return 403;
}
Copy after login

Then add include /etc/ where needed. nginx/valid_referers.conf. Of course, the prerequisite for executing this is that valid_referers.conf has been placed in the /etc/nginx/valid_referers.conf path on the corresponding machine.

Example: 

 location /articles/img {
  include /etc/nginx/valid_referers.conf;
  root /data/blog/code;
 }
Copy after login

The above is the detailed content of How to set up Referer in Nginx to prevent image theft. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Show More

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. Best Graphic Settings
4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
Assassin's Creed Shadows: Seashell Riddle Solution
2 weeks ago By DDD
R.E.P.O. How to Fix Audio if You Can't Hear Anyone
4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. Chat Commands and How to Use Them
4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
Show More

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Show More

Hot Topics

Where is the login entrance for gmail email?
7526
15
CakePHP Tutorial
1378
52
What is the format of the account name of steam
81
11
win11 activation key permanent
54
19
nyt connections hints and answers
21
74
Show More
Related knowledge
How to check whether nginx is started How to check whether nginx is started Apr 14, 2025 pm 01:03 PM

How to confirm whether Nginx is started: 1. Use the command line: systemctl status nginx (Linux/Unix), netstat -ano | findstr 80 (Windows); 2. Check whether port 80 is open; 3. Check the Nginx startup message in the system log; 4. Use third-party tools, such as Nagios, Zabbix, and Icinga.

How to configure nginx in Windows How to configure nginx in Windows Apr 14, 2025 pm 12:57 PM

How to configure Nginx in Windows? Install Nginx and create a virtual host configuration. Modify the main configuration file and include the virtual host configuration. Start or reload Nginx. Test the configuration and view the website. Selectively enable SSL and configure SSL certificates. Selectively set the firewall to allow port 80 and 443 traffic.

How to check whether nginx is started? How to check whether nginx is started? Apr 14, 2025 pm 12:48 PM

In Linux, use the following command to check whether Nginx is started: systemctl status nginx judges based on the command output: If "Active: active (running)" is displayed, Nginx is started. If "Active: inactive (dead)" is displayed, Nginx is stopped.

How to start nginx in Linux How to start nginx in Linux Apr 14, 2025 pm 12:51 PM

Steps to start Nginx in Linux: Check whether Nginx is installed. Use systemctl start nginx to start the Nginx service. Use systemctl enable nginx to enable automatic startup of Nginx at system startup. Use systemctl status nginx to verify that the startup is successful. Visit http://localhost in a web browser to view the default welcome page.

How to start nginx server How to start nginx server Apr 14, 2025 pm 12:27 PM

Starting an Nginx server requires different steps according to different operating systems: Linux/Unix system: Install the Nginx package (for example, using apt-get or yum). Use systemctl to start an Nginx service (for example, sudo systemctl start nginx). Windows system: Download and install Windows binary files. Start Nginx using the nginx.exe executable (for example, nginx.exe -c conf\nginx.conf). No matter which operating system you use, you can access the server IP

How to solve nginx403 error How to solve nginx403 error Apr 14, 2025 pm 12:54 PM

The server does not have permission to access the requested resource, resulting in a nginx 403 error. Solutions include: Check file permissions. Check the .htaccess configuration. Check nginx configuration. Configure SELinux permissions. Check the firewall rules. Troubleshoot other causes such as browser problems, server failures, or other possible errors.

How to solve the problem of nginx cross-domain How to solve the problem of nginx cross-domain Apr 14, 2025 am 10:15 AM

There are two ways to solve the Nginx cross-domain problem: modify the cross-domain response header: add directives to allow cross-domain requests, specify allowed methods and headers, and set cache time. Use CORS modules: Enable modules and configure CORS rules that allow cross-domain requests, methods, headers, and cache times.

How to solve nginx304 error How to solve nginx304 error Apr 14, 2025 pm 12:45 PM

Answer to the question: 304 Not Modified error indicates that the browser has cached the latest resource version of the client request. Solution: 1. Clear the browser cache; 2. Disable the browser cache; 3. Configure Nginx to allow client cache; 4. Check file permissions; 5. Check file hash; 6. Disable CDN or reverse proxy cache; 7. Restart Nginx.

See all articles