How to set up Referer in Nginx to prevent image theft

If the server's pictures are hotlinked by other websites, it will affect the server's bandwidth and access speed. At this time, we need to set the anti-hotlinking function of the image file or video file;

Anti-hotlinking function, simple That is to say, you can directly access the resource, but you cannot put my resource link on your own server for others to access, especially large files such as pictures or videos, which can easily cause the server to respond slowly.

If it were not a picture bed, I would be really afraid that other websites would directly use the pictures from this site. This kind of traffic is likely to be wiped out all at once. After all, CDNs are bought with free money. Therefore, it is better to set up an anti-hot link, nginx can complete this function.

Generally speaking, browsers that comply with the http protocol will bring the URL of the current website when accessing website B from website a to indicate where the click originated. Therefore, this module of nginx also relies on this to be implemented. Therefore, if the hacker does not add this header, he still cannot enjoy the anti-theft picture.

nginx official website documentation is as follows:

syntax: valid_referers none | blocked | server_names | string ...;
default: —
context: server, location

#nginx referer directive introduction

nginx module ngx_http_referer_module is usually used to block domain name requests from illegal sources. We should keep in mind that camouflaging the referer header It is a very simple thing, so this module can only be used to prevent most illegal requests. We should remember that some legitimate requests will not carry the referer source header, so sometimes do not reject the source header (referer) as Empty request.

Therefore, we can add code in the server or location block. I saved it as valid_referers.conf:

valid_referers none blocked server_names;

if ($invalid_referer) {
 return 403;
}

Then add include /etc/ where needed. nginx/valid_referers.conf. Of course, the prerequisite for executing this is that valid_referers.conf has been placed in the /etc/nginx/valid_referers.conf path on the corresponding machine.

Example:

 location /articles/img {
  include /etc/nginx/valid_referers.conf;
  root /data/blog/code;
 }

The above is the detailed content of How to set up Referer in Nginx to prevent image theft. For more information, please follow other related articles on the PHP Chinese website!