Nginx-Referer anti-leech Protection

The content includes:
1 nginx Referer Module
2 valid_referers command
3. Test nginx anti-leech Protection


1 nginx Referer Module
When a request headerReferer FieldContains some incorrect fields. This module can prohibit this request from accessing the site.
This header can be forged at will. Therefore, use this module andCannot block these requests 100%The vast majority of rejected requests come from some typical browsers. It can be considered that these typical browsers do not provide a "Referer" header, or even those correct requests.


2 valid_referers command
Syntax: valid_referers [none | blocked | server_names]…
Default Value: No
Field used:Server, location
This command assigns a value to the $ invalid_referer Variable Based on the referer header.The value is 0 or 1..
You can use this command to implement the anti-leech function. If the list of valid_referersNo referer header value in, $ Invalid_referer will be set to 1.
Parameters can be in the following format:
None indicates a nonexistent referer header (indicating null, that is, direct access,For example, open it in a browser.One image)
Blocked means to disguise the referer header Based on the firewall, for example, "Referer: xxxxxxx ".
Server_names is a list of one or more servers. It can be named after version 0.5.33.Use the "*" wildcard.

650) This. width = 650; "Title =" 1.png" alt = "wkiol1plonhisjvfaacdlonl8la150.jpg" src = "http://s3.51cto.com/wyfs02/M00/3F/8F/wKioL1PLONHiSJVfAACdLOnl8LA150.jpg"/>

3 Test
3.1 normal Referer
Firefox (get) http://bbs.test.com/uc_server/images/noavatar_small.gif

3.1.1 original request header information
Accept text/html, application/XHTML + XML, application/XML; q = 0.9, */*; q = 0.8
Accept-encoding gzip, deflate
Accept-language ZH-CN, ZH; q = 0.8, en-US; q = 0.5, en; q = 0.3
Connection keep-alive
Host bbs.test.com
User-Agent Mozilla/5.0 (X11; Ubuntu; Linux x86_64; RV: 14.0) Gecko/20100101 Firefox/14.0.1

3.1.2 nginx log format

650) This. width = 650; "Title =" 2.png" alt = "wkiol1ploqoigrz_aacpifxxcto364.jpg" src = "http://s3.51cto.com/wyfs02/M01/3F/8F/wKioL1PLOQOiGRz_AACpIFXxCTo364.jpg"/>

3.1.3 nginx log Referer Field
10.0.100.82--[24/Aug/2014: 10: 50: 00 + 0800] "Get/HTTP/1.1" 200 6166"-""Mozilla/5.0 (X11; Ubuntu; Linux x86_64; RV: 14.0) Gecko/20100101 Firefox/14.0.1" 192.168.4.33 # Note: "-" indicates blank Referer, open an image in the browser.


3.2. Use Referer anti-leech Protection
3.2.1 nginx code

650) This. width = 650; "Title =" 3.png" alt = "wkiom1plobha4wq4aadifhk8xms015.jpg" src = "http://s3.51cto.com/wyfs02/M01/3F/8F/wKiom1PLOBHA4wQ4AADifHK8Xms015.jpg"/>

3.2.2 Firefox URL
URL: http: // 192.168.57.75/index.html

650) This. width = 650; "Title =" 4.png" alt = "wkiom1plodcale58aae_647zlym109.jpg" src = "http://s3.51cto.com/wyfs02/M02/3F/8F/wKiom1PLODCALE58AAE_647ZlYM109.jpg"/>

Note: index.html includes noavatar_small.gif

3.2.3 original request header information
Accept image/PNG, image/*; q = 0.8, */*; q = 0.5
Accept-encoding gzip, deflate
Accept-language ZH-CN, ZH; q = 0.8, en-US; q = 0.5, en; q = 0.3
Connection keep-alive
Host bbs.test.com
RefererHttp: // 192.168.57.75/
User-Agent Mozilla/5.0 (X11; Ubuntu; Linux x86_64; RV: 14.0) Gecko/20100101 Firefox/14.0.1

3.2.4 nginx log Referer Field
192.168.4.33--[24/Aug/2014: 10: 55: 05 + 0800] "Get/Uc_server/images/noavatar_small.gifHTTP/1.1 "403 162" http: // 192.168.57.75/"" Mozilla/5.0 (X11; Ubuntu; Linux x86_64; RV: 14.0) Gecko/20100101 Firefox/14.0.1 "-

 

Reprinted from: http://dngood.blog.51cto.com/446195/1033362

 

This article from "Zheng Yansheng" blog, please be sure to keep this source http://467754239.blog.51cto.com/4878013/1440464

Nginx-Referer anti-leech Protection