Having Hotlink Protectin problem in nginx
Posted
by
Ayaz Malik
on Server Fault
See other posts from Server Fault
or by Ayaz Malik
Published on 2010-12-10T11:26:16Z
Indexed on
2011/01/31
23:28 UTC
Read the original article
Hit count: 408
Hello, i am having image hotlink protection problem in my nginx need help. i have a huge issue of my site's images being submited to social networks like stumbleupon with direct link ... xxxxx.jpg
which some times get huge traffic and increases cpu usage plus bandwidth usage. what i am trying to do is block direct access to image from other refrers and hotlink protection.
Here is the code from my vhost.conf
server {
access_log off;
error_log logs/vhost-error_log warn;
listen 80;
server_name mydomain.com www.mydomain.com;
# uncomment location below to make nginx serve static files instead of Apache
# NOTE this will cause issues with bandwidth accounting as files wont be logged
location ~* \.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css)$ {
root /home/username/public_html;
expires 1d;
}
root /home/mydomain/public_html;
}
location / {
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
# you can increase proxy_buffers here to suppress "an upstream response
# is buffered to a temporary file" warning
proxy_buffers 16 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_connect_timeout 30s;
proxy_redirect http://www.mydomain.com:81 http://www.mydomain.com;
proxy_redirect http://mydomain.com:81 http://mydomain.com;
proxy_pass http://ip_address/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
expires 24h;
}
}
So for hotlink protection i added this code :
location ~* (\.jpg|\.png|\.gif|\.jpeg)$ {
valid_referers blocked www.mydomain.com mydomain.com;
if ($invalid_referer) {
return 403;
}
This is how the current nginx code for this domain looks like but didn't worked:
server {
access_log off;
error_log logs/vhost-error_log warn;
listen 80;
server_name mydomain.com www.mydomain.com;
# uncomment location below to make nginx serve static files instead of Apache
# NOTE this will cause issues with bandwidth accounting as files wont be logged
location ~* \.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css)$ {
root /home/username/public_html;
expires 1d;
}
root /home/mydomain/public_html;
}
location ~* (\.jpg|\.png|\.gif|\.jpeg)$ {
valid_referers blocked www.mydomain.com mydomain.com;
if ($invalid_referer) {
return 403;
}
location / {
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
# you can increase proxy_buffers here to suppress "an upstream response
# is buffered to a temporary file" warning
proxy_buffers 16 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_connect_timeout 30s;
proxy_redirect http://www.mydomain.com:81 http://www.mydomain.com;
proxy_redirect http://mydomain.com:81 http://mydomain.com;
proxy_pass http://ip_address/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
expires 24h;
}
}
Thank you in advance :)
cheers
© Server Fault or respective owner