Cross-domain access control

Cross-domain access

How nginx configures cross-domain access

• syntax:add_header name value [always];

• default:—

• context:http, server, location, if in location

• add_header name value [always];

• name represents the key returned by the response header

• value represents the response header The value corresponding to the returned key

• add_header cross-domain configuration

location ~ .*\.(htm|html)$ { add_header access-control-allow-origin *; add_header access-control-allow-methods get,post,put,delete,options; root /opt/app/code; }

Copy after login

Anti-hotlinking

• #Prevent resources from being misappropriated.

• Prevent abnormal user access, occupy website resources, affect website performance, and will inevitably affect normal user access

Based on http_referer anti-hotlinking Configuration module

valid_referers none blocked server_names *.example.com example.* www.example.org/galleries/ ~\.google\.; if ($invalid_referer) { return 403; }

referer_hash_bucket_size syntax

##syntax: referer_hash_bucket_size size;
default: referer_hash_bucket_size 64;
context: server, location
Syntax explanation:

referer_hash_bucket_size size; indicates that the setting is valid The storage size of the reference hash table.

syntax: referer_hash_max_size size;
default: referer_hash_max_size 2048;
context: server, location
Syntax explanation:

referer_hash_max_size size; means setting the maximum size of the effective referrer hash table .

syntax: valid_referers none | blocked | server_names | string ...;
default: —
context: server, location

• ## Syntax explanation:

• none indicates that the "referer" field is missing in the request header;

• blocked means that the "referer" field appears in the request header, but its value has been removed by the firewall or proxy server; these values are strings that do not begin with "http://" or "https://";

• server_names means the "referer" request header field contains a server name;

• string means defining the server name and optional uri prefix. The server name can contain "*" at the beginning or end. The server port in the "referer" field was ignored during the check;
Anti-hotlink small case

touch test_referer.html (In the /op/app/code directory)

    
 
　　 
张彪
   

If the anti-hotlink configuration is not transferred from the www.zhangbiao.com domain name, an error will be reported

location ~ .*\.(jpg|gif|png)$ { valid_referers none blocked www.zhangbiao.com; if ($invalid_referer) { return 403; } root /opt/app/code/images; } location ~ /test_refer.html { root /opt/app/code; }

http://192.168.1.112/test_refer.html

http://www.zhangbiao.com/test_refer.html

The above is the detailed content of How to configure Nginx cross-domain access and anti-leeching. For more information, please follow other related articles on the PHP Chinese website!