SoFunction
Updated on 2025-03-03

Configuring hotlink protection (anti-theft links) in Nginx

In today's digital age, website content is like a precious treasure, and hotlinkers are like thieves trying to take that treasure without any effort. Imagine that you worked hard to create an exquisite website full of valuable pictures, videos, files and other resources. However, some unethical websites reference your resources directly by hotlinking, which not only consumes your bandwidth but may also affect normal access to your website and its user experience. It is like an orchard you cultivated carefully, whose fruit is secretly picked by others before you can harvest it. Are you angry? Therefore, to protect our website resources, it is crucial to configure hotlink protection in Nginx.

1. What is hotlinking?

Put simply, hotlinking (link stealing) is when others link directly to your website's resources from their website without your permission, so that users who visit their website obtain your resources directly. For example, if there is a beautiful picture on your website and another website uses <img src="link to the picture on your website"> to display your image on their page, that is hotlinking.

The harm of hotlinking is not small. It is like a vampire that sucks your server resources and bandwidth. If hotlink traffic is too high, it may cause your website to become slow or even inaccessible, like an overloaded truck that can no longer run. Moreover, it infringes on your rights; after all, you spent time and energy preparing these resources.

2. How Nginx hotlink protection works

Nginx hotlink protection works mainly by checking the Referer field in the request header. The Referer field records the address of the page the resource was requested from. It is like the sender's address on a courier package, telling us where the request comes from.

Nginx analyzes the Referer field according to the rules you set. If it does not match a legitimate source you have defined, Nginx rejects the request, thereby achieving hotlink protection.

3. Nginx hotlink protection configuration steps

Below, let's look at how to configure hotlink protection in Nginx to put a solid lock on our website resources.

  • Open the Nginx configuration file

Usually, Nginx's configuration file is located in /etc/nginx/ or in your customized configuration path. You can open it with your favorite text editor, e.g. vi or nano.

  • Add the hotlink protection configuration

In the server block, add the following hotlink protection configuration:

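location ~* \.(jpg|jpeg|png|gif|bmp|swf|flv|mp4|mp3|wav|wma|wmv|zip|rar|gz|bz2|pdf|doc|docx|xls|xlsx|ppt|pptx) {
    # Accept requests with no Referer, a stripped Referer, or a Referer from your own domain.
    # example.com is a placeholder: substitute your own domain name.
    valid_referers none blocked *.example.com;
    # $invalid_referer is set when the Referer matches none of the values above.
    if ($invalid_referer) {
        return 403;
    }
}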

Let's break this configuration down:

  • location ~* \.(jpg|jpeg|png|gif|bmp|swf|flv|mp4|mp3|wav|wma|wmv|zip|rar|gz|bz2|pdf|doc|docx|xls|xlsx|ppt|pptx): This part matches requests for files with the specified extensions (~* makes the match case-insensitive).
  • valid_referers none blocked followed by your domain: The legitimate Referer sources are defined here. none means that a request with no Referer header is legitimate. blocked means that a request whose Referer header has been hidden by a firewall or proxy server is legitimate. The wildcard entry (*. followed by your domain, e.g. *.example.com as a placeholder) means that requests from your own domain name are legitimate.
  • if ($invalid_referer) { return 403; }: If the Referer is not legitimate, return status code 403 (access forbidden).

  • Save the configuration and restart Nginx

After completing the configuration, save the file and restart the Nginx service through the following command to make the configuration take effect:

sudo service nginx restart
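
To see which requests the valid_referers rule above accepts, here is a simplified Python model of its decision (an added example, not part of the original article and not nginx's own code). It covers only none, blocked, exact server names and leading-wildcard names; example.com, hotlinker.test and the sample Referer values are constructed placeholders.

```python
from urllib.parse import urlsplit

RULES = ["none", "blocked", "*.example.com"]  # example.com is a placeholder domain

def host_matches(host, pattern):
    """Match a Referer host against one valid_referers server name."""
    host, pattern = host.lower(), pattern.lower()
    if pattern.startswith("*."):
        # "*.example.com" covers subdomains only, not the bare domain.
        return host.endswith(pattern[1:]) and host != pattern[1:]
    return host == pattern

def invalid_referer(referer, rules=RULES):
    """True when the model sets $invalid_referer, i.e. the request gets 403."""
    if referer is None:                      # header absent
        return "none" not in rules
    if not referer.lower().startswith(("http://", "https://")):
        return "blocked" not in rules        # header present, scheme stripped
    host = urlsplit(referer).hostname or ""  # the port is not part of the match
    names = [r for r in rules if r not in ("none", "blocked")]
    return not any(host_matches(host, n) for n in names)

# Constructed Referer values. The header is supplied by the client, so the
# rule only filters browsers that report the embedding page honestly.
SAMPLES = [
    None,
    "removed-by-proxy",
    "https://img.example.com/gallery",
    "https://www.example.com:8443/gallery",
    "https://example.com/gallery",
    "https://example.com.hotlinker.test/",
    "https://hotlinker.test/post/1",
]

def evaluate(samples=SAMPLES, rules=RULES):
    """Return (referer, status) pairs: 403 if rejected, 200 if served."""
    return [(r, 403 if invalid_referer(r, rules) else 200) for r in samples]

if __name__ == "__main__":
    for referer, status in evaluate():
        print(status, referer)
```

The 403 for https://example.com/gallery shows that *.example.com alone does not cover the bare domain; adding example.com to valid_referers fixes that.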

4. A practical example of hotlink protection

To give you a clearer understanding of the actual effect of the hotlink protection configuration, let me tell you a little story.

Suppose you run an image sharing website with many beautiful pictures on it. One day, you find that an unknown website is displaying the pictures from your website directly on its pages, and the traffic is quite large, which makes you very angry.

So you quickly configure hotlink protection in Nginx according to the steps above, allowing only requests that come from your own domain and its subdomains to access image resources.

After the configuration is completed, when that website tries to hotlink your images again, an error will appear on their page and the image cannot be displayed. Users who visit your website normally will not be affected at all and can still enjoy your pictures.

It's like setting up a solid door in front of your treasure: only people holding the key you gave out (a legitimate Referer) can enter, while the thieves (hotlinkers) are turned away.

5. Frequently Asked Questions and Solutions

You may encounter some problems when configuring Nginx hotlink protection. Don't worry, here are some common problems and their solutions.

  • The configuration is in effect but resources are still hotlinked

If you find that the configuration has taken effect but resources are still being hotlinked, first check whether your configuration is correct, especially whether the rules in valid_referers cover all possible legitimate sources. In addition, some more advanced hotlinking methods may forge the Referer header; in that case you may need to consider more sophisticated hotlink protection methods, such as combining IP restrictions or using verification codes.

  • Legitimate requests are intercepted by mistake

Sometimes legitimate requests may be intercepted by mistake, leaving normal users unable to access resources. In that case, double-check your rules to see whether they are too strict. You can view Nginx's access log, analyze the intercepted requests, find the problem, and then adjust the rules.

  • The configuration does not take effect

If the configuration does not take effect, first make sure that you saved the configuration file correctly and restarted the Nginx service. If it still doesn't work, check the error log of Nginx to see if there are any related error prompts, and troubleshoot and resolve them according to the prompts.
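
For the "legitimate requests are intercepted by mistake" case above, the following added example (not from the original article) tallies 403 responses for protected files by Referer host, so that wrongly blocked sources stand out. It assumes nginx's default combined log format; the log lines are constructed, and example.com and hotlinker.test are placeholder domains.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# nginx "combined" format:
# $remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent
# "$http_referer" "$http_user_agent"
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"$'
)
# Subset of the extensions protected by the location block in this article.
PROTECTED = re.compile(r'\.(jpg|jpeg|png|gif|mp4|pdf|zip)', re.I)

# Constructed sample log lines (documentation IP ranges, placeholder domains).
SAMPLE_LOG = """
203.0.113.7 - - [03/Mar/2025:10:00:01 +0000] "GET /img/a.jpg HTTP/1.1" 403 153 "https://hotlinker.test/post/1" "Mozilla/5.0"
203.0.113.8 - - [03/Mar/2025:10:00:02 +0000] "GET /img/b.png HTTP/1.1" 403 153 "https://hotlinker.test/post/2" "Mozilla/5.0"
198.51.100.4 - - [03/Mar/2025:10:00:03 +0000] "GET /img/a.jpg HTTP/1.1" 403 153 "https://example.com/gallery" "Mozilla/5.0"
198.51.100.5 - - [03/Mar/2025:10:00:04 +0000] "GET /img/a.jpg HTTP/1.1" 200 48211 "https://www.example.com/gallery" "Mozilla/5.0"
192.0.2.9 - - [03/Mar/2025:10:00:05 +0000] "GET /admin HTTP/1.1" 403 153 "-" "curl/8.5.0"
"""

def blocked_by_referer(log_text):
    """Count 403 responses for protected files, grouped by Referer host."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m or m["status"] != "403" or not PROTECTED.search(m["uri"]):
            continue  # unparsable line, not a rejection, or not a protected file
        ref = m["referer"]
        is_url = ref.lower().startswith(("http://", "https://"))
        host = urlsplit(ref).hostname if is_url else None
        counts[host or ref or "-"] += 1
    return counts.most_common()

if __name__ == "__main__":
    for host, n in blocked_by_referer(SAMPLE_LOG):
        print(f"{n:5d}  {host}")
```

A host you recognise as your own in this list, such as the bare example.com here, points to a gap in valid_referers rather than to hotlinking.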

6. Summary

By configuring hotlink protection in Nginx, we can effectively protect the website's resources and prevent them from being taken by unethical hotlinkers. It's like putting a layer of solid armor on our website, so that our hard work is rewarded as it deserves.

However, hotlink protection is not a one-time solution. As technology develops, the methods of hotlinking may also change. Therefore, we must stay vigilant and keep improving and optimizing our hotlink protection strategy, so that our website can thrive in a safe environment.
