服务器防盗链
假设域名为www.localhost.com
1.apache配置httpd.conf
SetEnvIfNoCase Referer "^http://www.localhost.com/" local_ref=1 <FilesMatch ".(gif|jpg)"> Order Allow,Deny Allow from env=local_ref </FilesMatch>
2.apache配置.htaccess
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?localhost.com /.*$ [NC]
RewriteRule .(gif|jpg)$ http://www.localhost.com/noAllowed.gif [R,L] #####设置非指定域名下的防盗链图片展示
3.nginx设置/usr/local/nginx/conf/nginx.conf这个文件,将如下代码匹配在server{ }段里面即可
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
valid_referers www.locahost.com;
if ($invalid_referer) {
return 403;#禁止访问
#rewrite ^(.*)$ 403.jpg ###设置防盗链提示图片
}
}
45.php设置
<?php
//获取referer 浏览器打开的页面没有referer
if(isset($_SERVER[‘HTTP_REFERER‘]))
{
if(strpos($_SERVER[‘HTTP_REFERER‘],"http://www.localhost.com/")==0)
{
...
} else {
header("Location:403.php");//跳转页面到warning.php
}
} else header("Location:403.php");
?>
原文:http://www.cnblogs.com/isuben/p/7061419.html