listen 192.168.8.208:80;
server_name www.abc.com abc.com;
access_log off;
rewrite ^/download/(.*)/(.*)\.exe$ /download/$2.exe?key=$1 last;
location / {
root /var/www/abc.com;
index index.html index.htm index.php;
location /download {
# location ~ .*\.(gz|exe)$ {
accesskey on;
accesskey_hashmethod md5;
accesskey_arg "key";
accesskey_signature "password$remote_addr";
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d;
valid_referers none blocked *.abc.com *.abc.cn;
if ($invalid_referer) {
#rewrite ^/ http://www.abc.com/404.jpg;
return 404;
}
}
location ~ .*\.(js|css)$ {
expires 7d;
}
location ~ .*\.(htm|html)$ {
expires 900s;
}
}
#error_page 404 =200 http://$host;
#error_page 404 /404.html;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/abc.com/$fastcgi_script_name;
include fastcgi_params;
}
}
===============================================================================
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d;
valid_referers none blocked *.abc.com *.abc.cn;
if ($invalid_referer) {
#rewrite ^/ http://www.abc.com/404.jpg;
return 404;
}
}
常用防盗链方式.
location /download {
accesskey on;
accesskey_hashmethod md5;
accesskey_arg "key";
accesskey_signature "password$remote_addr";
}
这就是NginxHttpAccessKeyModule防盗链,效果很好,可以防迅雷,但也存在个问题,就是用IE6下载.exe文件保存到本地,文件没后缀,比如下载test.exe,下载到本地后就变成test了.没有.exe,显然这样不行,先说下这种方式的PHP调用:
<?php
echo $_SERVER['REMOTE_ADDR']."<br/>";
echo "<a href=http://www.abc.com/download/".md5("password".$_SERVER['REMOTE_ADDR'])."/test.exe>test.exe</a>"."<br>";
echo "<a href=http://www.abc.com/download/my.tar.gz?key=".md5("password".$_SERVER['REMOTE_ADDR']).">my.tar.gz</a>";
?>
效果:
test.exe http://www.abc.com/download/baf8330ea62a5e52390cc907ae36dfca/test.exe
my.tar.gz http://www.abc.com/download/my.tar.gz?key=baf8330ea62a5e52390cc907ae36dfca
NginxHttpAccessKeyModule防盗链调用效果应该是 my.tar.gz,为什么test.exe是另外一招写法,这种写法结合了rewrite,就解决了上面说的exe文件保存后没后缀的问题,是不是觉得很有才,可惜不是我想出来的,这也是NginxHttpAccessKeyModule防盗链的一个BUG吧,rewrite就很简单:
rewrite ^/download/(.*)/(.*)\.exe$ /download/$2.exe?key=$1 last;