Nginx配置静态资源缓存时间及实现防盗链

[root@fudanwuxi ~]# mkdir /root/software
[root@fudanwuxi ~]# cd /root/software/
[root@fudanwuxi software]# rz
rz waiting to receive.
Starting zmodem transfer.  Press Ctrl+C to cancel.
Transferring jdk-8u181-linux-x64.tar.gz...
  100%  181295 KB    7882 KB/sec    00:00:23       0 Errors   
Transferring apache-tomcat-8.5.32.tar.gz...
  100%    9360 KB    9360 KB/sec    00:00:01       0 Errors  

[root@fudanwuxi software]# 
  • 解压JDK到/user/local/
[root@fudanwuxi software]# tar xzvf jdk-8u181-linux-x64.tar.gz -C /usr/local/
  • 查看JAVA是否安装成功
[root@fudanwuxi software]# cd /usr/local/jdk1.8.0_181/bin/
[root@fudanwuxi bin]# ./java -version
java version "1.8.0_181"
Java(TM) SE Runtime Environment (build 1.8.0_181-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.181-b13, mixed mode)
[root@fudanwuxi bin]# 
  • 配置环境变量
[root@fudanwuxi bin]# vi /etc/profile  #新增下面三行
export JAVA_HOME=/usr/local/jdk1.8.0_181
export CLASSPATH=.:$JAVA_HOME/lib
export PATH=$PATH:$JAVA_HOME/bin

[root@fudanwuxi bin]# source /etc/profile
  • 关闭selinux
[root@fudanwuxi bin]# getenforce 
Enforcing
[root@fudanwuxi bin]# setenforce 0
[root@fudanwuxi bin]# getenforce  
Permissive
  • 安装Nginx
[root@fudanwuxi bin]# cd /etc/yum.repos.d/
[root@fudanwuxi yum.repos.d]# vim nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1

[root@fudanwuxi yum.repos.d]# yum install nginx
[root@fudanwuxi yum.repos.d]# systemctl start nginx
[root@fudanwuxi yum.repos.d]# systemctl enable nginx

Nginx配置静态资源缓存时间及实现防盗链

  • 隐藏Nginx版本号
[root@fudanwuxi ~]# curl -I http://192.168.10.158
HTTP/1.1 200 OK
Server: nginx/1.14.0  #版本号
Date: Thu, 23 Aug 2018 02:22:14 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 17 Apr 2018 15:48:00 GMT
Connection: keep-alive
ETag: "5ad61730-264"
Accept-Ranges: bytes

[root@fudanwuxi ~]# vi /etc/nginx/nginx.conf  
     21     server_tokens off;  #新增
     22     access_log  /var/log/nginx/access.log  main;

[root@fudanwuxi ~]# systemctl restart nginx
[root@fudanwuxi ~]# curl -I http://192.168.10.158
HTTP/1.1 200 OK
Server: nginx  #版本号隐藏了
Date: Thu, 23 Aug 2018 02:24:46 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 17 Apr 2018 15:48:00 GMT
Connection: keep-alive
ETag: "5ad61730-264"
Accept-Ranges: bytes
  • 在Nginx首页添加一张图片
[root@fudanwuxi conf.d]# cd /usr/share/nginx/html/
[root@fudanwuxi html]# rz
rz waiting to receive.
Starting zmodem transfer.  Press Ctrl+C to cancel.
Transferring wuxier.jpg...
  100%       5 KB       5 KB/sec    00:00:01       0 Errors  

[root@fudanwuxi html]# cp index.html index.html.bak
[root@fudanwuxi html]# vi index.html  #在首页中添加刚上传的图片
     13 <body>
     14 <img src=http://192.168.10.158/wuxier.jpg>  #新增,wuxier.jpg就是刚上传的图片
     15 <h1>Welcome to nginx!</h1>
     16 <p>If you see this page, the nginx web server is successfully installed and
     17 working. Further configuration is required.</p>
     18 
     19 <p>For online documentation and support please refer to
     20 <a href="http://nginx.org/">nginx.org</a>.<br/>
     21 Commercial support is available at
     22 <a href="http://nginx.com/">nginx.com</a>.</p>
     23 
     24 <p><em>Thank you for using nginx.</em></p>
     25 </body>
  • 配置静态资源缓存时间
[root@fudanwuxi html]# vim /etc/nginx/conf.d/default.conf  #新增以下内容
    location ~ .*\.(gif|jpg|png|jpeg|bmp|ico|css)$ {
        root   /usr/share/nginx/html;
        expires 2d;
}
[root@fudanwuxi html]# systemctl restart nginx 

Nginx配置静态资源缓存时间及实现防盗链

  • 修改windows的hosts文件

  • 修改虚拟主机 www.wuxier.cn 的配置文件
[root@fudanwuxi conf.d]# pwd
/etc/nginx/conf.d
[root@fudanwuxi conf.d]# cp default.conf wuxier.conf
[root@fudanwuxi conf.d]# ll
total 8
-rw-r--r--. 1 root root 1206 Aug 23 10:53 default.conf
-rw-r--r--. 1 root root  283 Aug 23 12:12 wuxier.conf

[root@fudanwuxi conf.d]# cat wuxier.conf 
server {
    listen       80;
    server_name  www.wuxier.cn;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    location ~ .*\.(gif|jpg|png|jpeg|bmp|ico|css)$ {
        root   /usr/share/nginx/html;
        expires 2d;
    }

}
[root@fudanwuxi conf.d]# systemctl restart nginx 

Nginx配置静态资源缓存时间及实现防盗链

  • 验证
  • 当访问的是taobao1时,如下图

Nginx配置静态资源缓存时间及实现防盗链
Nginx配置静态资源缓存时间及实现防盗链

  • 当访问的是taobao2时,如下图

Nginx配置静态资源缓存时间及实现防盗链

  • 源主机防盗链配置
[root@fudanwuxi conf.d]# cat wuxier.conf    
server {
    listen       80;
    server_name  www.wuxier.cn;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

#    location ~ .*\.(gif|jpg|png|jpeg|bmp|ico|css)$ {
#        root   /usr/share/nginx/html;
#        autoindex on;
#        expires 2d;
#    }

    location ~*\.(jpg|png|gif|jpeg)$ {
           root  /usr/share/nginx/html;  #图片路径
           valid_referers none blocked  *.wuxier.cn  wuxier.cn  *.ajie.com  ajie.com;  #可以访问图片的白名单
           if ($invalid_referer) {  #如果来路不是指定的白名单来路,则返回下面的图片
           rewrite ^/ https://timgsa.baidu.com/timg?image&quality=80&size=b9999_10000&sec=1535013233040&di=64a20c24bd1e4906ad2eb7205fe3abec&imgtype=0&src=http%3A%2F%2Fd.hiphotos.baidu.com%2Fexp%2Fw%3D480%2Fsign%3D7953092ec195d143da76e52b43f18296%2F8ad4b31c8701a18bbc22f762972f07082938fed6.jpg; 
                }
                }

}
[root@fudanwuxi conf.d]# 
[root@fudanwuxi html]# systemctl restart nginx
  • 防盗链结果验证
  • 当访问taobao1的时候,因为taobao1之前是使用了 www.wuxier.cn/wuxier.jgp 图片,所以会返回盗链的图片,如下图

Nginx配置静态资源缓存时间及实现防盗链

  • 当访问taobao2的时候,如下图

Nginx配置静态资源缓存时间及实现防盗链

  • 当访问 www.wuxier.cn 的时候,如下图(白名单)

Nginx配置静态资源缓存时间及实现防盗链

  • 当访问 www.ajie.com 的时候,如下图(白名单)

Nginx配置静态资源缓存时间及实现防盗链

  • 当从配置文件wuxier.conf中将*ajie.com和ajie.com从白名单中删除后,再进行访问
[root@fudanwuxi conf.d]# vim /etc/nginx/conf.d/wuxier.conf 
server {
    listen       80;
    server_name  www.wuxier.cn;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

#    location ~ .*\.(gif|jpg|png|jpeg|bmp|ico|css)$ {
#        root   /usr/share/nginx/html;
#        autoindex on;
#        expires 2d;
#    }

    location ~*\.(jpg|png|gif|jpeg)$ {
           root  /usr/share/nginx/html;
           valid_referers none blocked  *.wuxier.cn  wuxier.cn;  #将*.ajie.com和ajie.com删除
           if ($invalid_referer) {
           rewrite ^/ https://timgsa.baidu.com/timg?image&quality=80&size=b9999_10000&sec=1535013233040&di=64a20c24bd1e4906ad2eb7205fe3abec&imgtype=0&src=http%3A%2F%2Fd.hiphotos.baidu.com%2Fexp%2Fw%3D480%2Fsign%3D7953092ec195d143da76e52b43f18296%2F8ad4b31c8701a18bbc22f762972f07082938fed6.jpg; 
                }
                }

}
[root@fudanwuxi conf.d]# 

访问结果如下
Nginx配置静态资源缓存时间及实现防盗链

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值