nginx referer限制

nginx referer限制

如果用类似$http_referer来正则判断,然后做处理,类似下面这种是不可行的.

       if ($http_referer ~* "www.baidu.com") {
           rewrite ^/(.*)$ http://www.lishiming.net redirect;
       }

因为压根就没有$http_referer这个变量了.所有变量都在这了.http://nginx.org/en/docs/varindex.html

唯一可以找到跟referer有关系的大概就是$invalid_referer了.他得用法详见http://nginx.org/en/docs/http/ngx_http_referer_module.html

valid_referers none blocked server_names
               *.example.com example.* www.example.org/galleries/
               ~\.google\.;

if ($invalid_referer) {
    return 403;
}

有个例子是上面这样的,配合valid_referer用,设置一些合法的referer,然后剩下的就是$invalid_referer,之后用if 处理就简单很多了.

server_names 有两种表示法,一般的字符串和正则的,看e文就可以咯.简单明了.主要是我怕我翻译的有问题,误人子弟就不好了..

  • arbitrary string
    defines a server name and an optional URI prefix. A server name can have an “*” at the beginning or end. During the checking, the server’s port in the “Referer” field is ignored;
  • regular expression
    the first symbol should be a “~”. It should be noted that an expression will be matched against the text starting after the “http://” or “https://”.

你可能感兴趣的:(nginx)