介绍
防盗链,通俗讲,就是不让别人盗用你网站上的资源。这个资源,通常指的是图片、视频、歌曲、文档等。
配置
-
配置防盗链先编辑主机配置文件:
-
#vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.example.com
DocumentRoot “/usr/local/apache2.4/docs/www.111.com”
ServerName www.111.com
ServerAlias 111.com
<Directory /usr/local/apache2.4/docs/www.111.com>
SetEnvIfNoCase Referer “http://www.111.com” local_ref
SetEnvIfNoCase Referer “http://111.com” local_ref
SetEnvIfNoCase Referer “^$” local_ref
<filesmatch “.(txt|doc|mp3|zip|rar|jpg|gif)”>
Order Allow,Deny
Allow from env=local_ref
< /filesmatch>
< /Directory>
ErrorLog “logs/111.com-error_log”
CustomLog “logs/111.com-access_log” combined
< /VirtualHost> -
//首先定义允许访问链接的referer,其中^$为空referer,
//当直接在浏览器里输入图片地址去访问它时,它的referer就为空。 -
#/usr/local/apache2.4/bin/apachectl -t
Syntax OK -
#/usr/local/apache2.4/bin/apachectl graceful
配置验证
- #curl -e “http://www.douxue.com/123.php” -xlocalhost:80 www.111.com/image/111.jpg -I
状态码为403,其中-e参数表示请求的来源
curl -e “http://www.111.com/123.php” -xlocalhost:80 www.111.com/image/111.jpg -I - #curl -xlocalhost:80 www.111.com/image/linux.jpg -I
空referer为白名单网页访问,状态码为200