IIS7.5/apache/nginx anti-Leech configuration

IIS7.5 configure anti-Leech

1. Download Microsoft's own iis rewrite module: http://www.microsoft.com/downloads/zh-cn/details.aspx? Familyid = 1b8c7bd8-8824-4408-b8fc-49dc7f951a00
2. Modify the web. config of the website

Reference
<System. webServer>
<Rewrite>
<Rules>
<Rule name = "Prevent hotlinking">
<Match url = "^. * \. (rar | zip) $" ignoreCase = "true"/>
<Conditions>
<Add input = "{HTTP_REFERER}" pattern = "http://www.111cn.net/.*" negate = "true"/>
<Add input = "{HTTP_REFERER}" pattern = "http://m.111cn.net/.*" negate = "true"/>
</Conditions>
<Action type = "Rewrite" url = "/no.html"/>
</Rule>
</Rules>
</Rewrite>
</System. webServer>

Sets up rar, zip-type files that only allow http://www.111cn.net, http://m.111cn.net to call the website.

Apache anti-Leech configuration

The first implementation method of Apache anti-Leech protection can be implemented using Rewrite. First, check that the Apache rewrite module is available: to control the Apache httpd. conf file, open httpd. conf, and ensure that there is such a line of configuration:

LoadModule rewrite_module modules/mod_rewrite.so

Add the following code to the VM configuration:

ServerName www.111cn.net
# Anti-Leech configuration parameters
RewriteEngine On
RewriteCond % {HTTP_REFERER }! ^ Http://111cn.net/.#$ [NC]
RewriteCond % {HTTP_REFERER }! ^ Http://111cn.net $ [NC]
RewriteCond % {HTTP_REFERER }! ^ Http://www.111cn.net/.#$ [NC]
RewriteCond % {HTTP_REFERER }! ^ Http://www.111cn.net $ [NC]
RewriteRule. * \. (gif | jpg | swf) $ yun_qi_img/nolink.gif [R, NC]

Www.111cn.net indicates your trusted site. Gif | jpg | swf indicates the extension of the file to be protected (separated by | ). Nolink.gif redirection page/image after leeching. Used to output warning information. This picture should be as small as possible.

Some users use virtual hosts and have no control over the server. They cannot modify the httpd. conf file or restart the server. Make sure that your VM supports. htaccess, write the above configuration to the. htaccess file, and put it in the root directory or the directory where the image is located:

# Anti-Leech configuration
RewriteEngine On
RewriteCond % {HTTP_REFERER }! ^ Http://111cn.net/.#$ [NC]
RewriteCond % {HTTP_REFERER }! ^ Http://111cn.net $ [NC]
RewriteCond % {HTTP_REFERER }! ^ Http://www.111cn.net/.#$ [NC]
RewriteCond % {HTTP_REFERER }! ^ Http://www.111cn.net $ [NC]
RewriteRule. * \. (gif | jpg | swf) $ yun_qi_img/nolink.gif [R, NC]

By judging the value of the referer variable, you can determine whether the image or resource reference is valid. Only the referer within the set range can access the specified resource, thus implementing Anti-Leech (Anti-Leech). It should be noted that not all user proxies (browsers) will set the referer variable, and some can also manually modify the referer, that is, the referer can be forged. This article is just a simple protection method. Of course, it is enough to deal with General leeching.

Nginx anti-Leech configuration

I. General anti-Leech protection is as follows:

Location ~ * \. (Gif | jpg | png | swf | flv) $ {
Valid_referers none blocked www.xxx.com www.xxx.net;
If ($ invalid_referer ){
Rewrite ^/http://www.xxx.com/403.html;
# Return 404;
}
}

Line 1: gif | jpg | png | swf | flv
Anti-Leech protection is enabled for gif, jpg, png, swf, and flv files.
Row 2: www.ccvita.com www.phpq.net
Indicates to judge the two routes www.ccvita.com www.phpq.net.
The content in if {} indicates that if a route is not specified, the page will jump to the error page. Of course, it is also possible to directly return 404.

If you want to replace the image with an image, you will find that it will be replaced with a red cross. The solution is as follows:

Location ~ Error \. gif {
}

Location ~ \. (Jpg | gif | png | bmp ){
Valid_referers none blocked www.xxx.com www.xxx.net;
If ($ invalid_referer ){
Rewrite ^/yun_qi_img/error.gif;
}

2. Preventing leeching for image directories

Location/images /{
Alias/data/images /;
Valid_referers none blocked server_names * .xxx.com xxx.net;
If ($ invalid_referer) {return 403 ;}
}

3. Use the third-party module ngx_http_accesskey_module to implement Nginx anti-Leech protection

The implementation method is as follows:
1. Download NginxHttpAccessKeyModule Module File: Nginx-accesskey-2.0.3.tar.gz;
2. Unzip the file and find the config file under the nginx-accesskey-2.0.3. Edit this file: replace "$ HTTP_ACCESSKEY_MODULE" with "ngx_http_accesskey_module ";
3. Recompile nginx with the following parameters:

./Configure -- add-module = path/to/nginx-accesskey

4. Modify the nginx conf file and add the following lines:

Location/download {
Accesskey on;
Accesskey_hashmethod md5;
Accesskey_arg "key ";
Accesskey_signature "mypass $ remote_addr ";
}

Where:
The accesskey is a module switch;
Accesskey_hashmethod is the MD5 or SHA-1 encryption method;
Accesskey_arg is the keyword parameter in the url;
Accesskey_signature is the encryption value. Here it is a string consisting of mypass and access IP.