How to configure Nginx cross-domain access and anti-leeching
Cross-domain access control
Cross-domain access
Allowing cross-domain access is not safe and is prone to CSRF attacks!
How nginx configures cross-domain access
add_header syntax
- syntax: add_header name value [always];
- default: —
- context: http, server, location, if in location
- add_header name value [always];
- name is the key of the header returned in the response
- value is the value returned for that key
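add_header cross-domain configuration

    location ~ .*\.(htm|html)$ {
        # "*" allows every origin to read these responses
        add_header Access-Control-Allow-Origin *;
        # method names are case-sensitive, so they are written in upper case
        add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS;
        root /opt/app/code;
    }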
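The wildcard above lets any origin read these responses. The following is an added example, not part of the original article, of the same location restricted to an allowlist of origins with map; the two origins and the server_name are hypothetical placeholders.

```nginx
# Added example; the origins below are placeholders, replace them with your own.
# Both map blocks belong in the http context.
map $http_origin $cors_origin {
    default                      "";            # unlisted origin: empty value
    "https://www.example.com"    $http_origin;  # echo back a listed origin
    "https://app.example.com"    $http_origin;
}

# Send the method list only when the origin was accepted.
map $cors_origin $cors_methods {
    default    "GET,POST,PUT,DELETE,OPTIONS";
    ""         "";
}

server {
    listen 80;
    server_name www.example.com;    # placeholder

    location ~ .*\.(htm|html)$ {
        root /opt/app/code;

        # add_header with an empty value emits no header, so a request from
        # an unlisted origin gets no Access-Control-* headers at all and the
        # browser refuses to expose the response to that page.
        # "always" adds the header for every response code, not only 2xx/3xx.
        add_header Access-Control-Allow-Origin  $cors_origin  always;
        add_header Access-Control-Allow-Methods $cors_methods always;

        # The response now depends on the Origin request header; tell caches.
        add_header Vary Origin always;
    }
}
```

Because add_header directives are inherited from the enclosing level only when a location defines none of its own, keep all three headers together in the same block.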
Anti-hotlinking
- Prevent resources from being misappropriated.
- Prevent abnormal access that occupies website resources and degrades website performance, which inevitably affects normal users' access.
Anti-hotlinking configuration module based on http_referer
The ngx_http_referer_module module is used to prevent requests with invalid values in the "Referer" header field from accessing the site. Example:

    valid_referers none blocked server_names
                   *.example.com example.* www.example.org/galleries/
                   ~\.google\.;

    if ($invalid_referer) {
        return 403;
    }
referer_hash_bucket_size syntax
- syntax: referer_hash_bucket_size size;
- default: referer_hash_bucket_size 64;
- context: server, location
- Syntax explanation: referer_hash_bucket_size size; sets the bucket size of the valid referers hash table.

referer_hash_max_size syntax
- syntax: referer_hash_max_size size;
- default: referer_hash_max_size 2048;
- context: server, location
- Syntax explanation: referer_hash_max_size size; sets the maximum size of the valid referers hash table.
valid_referers syntax
- syntax: valid_referers none | blocked | server_names | string ...;
- default: —
- context: server, location
- Syntax explanation:
- none means the "Referer" field is missing from the request header;
- blocked means the "Referer" field is present in the request header, but its value has been removed by a firewall or proxy server; such values are strings that do not begin with "http://" or "https://";
- server_names means the "Referer" request header field contains one of the server names;
- string defines a server name and an optional URI prefix. The server name can contain "*" at the beginning or end. The server port in the "Referer" field is ignored during the check;
A small anti-hotlinking example
Create the test page in the /opt/app/code directory:

    touch test_refer.html

with the following content:

    <html>
    <head>
        <meta charset="utf-8">
        <title>imooc1</title>
    </head>
    <body style="background-color:red;">
        <h1 id="张彪">张彪</h1>
        <img src="http://192.168.1.112/wei.png">
    </body>
    </html>

Anti-hotlinking configuration: an image request that was not referred from the www.zhangbiao.com domain name gets an error (403):

    location ~ .*\.(jpg|gif|png)$ {
        # allow a missing or stripped Referer, and pages on www.zhangbiao.com
        valid_referers none blocked www.zhangbiao.com;
        if ($invalid_referer) {
            return 403;
        }
        root /opt/app/code/images;
    }

    location ~ /test_refer.html {
        root /opt/app/code;
    }

Open the page through the IP address; the Referer is not www.zhangbiao.com, so the image request is rejected:
http://192.168.1.112/test_refer.html

Open the page through the domain name; the Referer is valid and the image is served:
http://www.zhangbiao.com/test_refer.html
