由于服务器最近几天被入侵，在分析日志的时候发现很多盗链请求。所以顺手给Nginx加了个防盗链配置。

配置内容：

location ~* .(js|css|png|jpg|jpeg|gif|ico|bmp|swf|flv|mp3|wma)$ {
        expires max;
        log_not_found off;
        referer_hash_bucket_size 64;
        referer_hash_max_size 2048;
        valid_referers none blocked server_names
            *.biaodianfu.com
            *.sogoucdn.com
            *.baidu.com
            ~.google.;
        if ($invalid_referer) {
            rewrite ^/ http://img02.sogoucdn.com/v2/thumb/resize/zi/on/retype/ext/auto?appid=100140033&url=https://www.biaodianfu.com/wp-content/uploads/2019/11/bg_link.jpg;
            #return 403;}
    }

指令说明：

valid_referers [none | blocked | server_names]

• none：refer头缺席被认为是有效的；
• blocked：由防火墙伪装的referer被认为有效；如XXXXXX
• server_names：被指定的名字被认为是有效的；

The post Nginx开启图片防盗链配置 appeared first on 标点符.