防盗链演示
1、安装配置DNS域名解析服务
[root@localhost ~]# yum install bind -y
[root@localhost ~]# vim /etc/named.conf
options {
listen-on port 53 { any; };
...
allow-query { any; };
[root@localhost ~]# vim /etc/named.rfc1912.zones
zone "accp.com" IN { type master;
file "accp.com.zone";
allow-update { none; };
};
[root@localhost ~]# cd /var/named/
[root@localhost named]# cp -p named.localhost accp.com.zone
#复制模板文件
[root@localhost named]# vim accp.com.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS @
A 127.0.0.1
www IN A 192.168.235.158
#IP地址指向本机地址
[root@localhost named]# systemctl start named
[root@localhost named]# systemctl stop firewalld.service
[root@localhost named]# setenforce 02、打开一台Win7虚拟机,搭建盗链网站。创建一个网页内容,修改后缀为index.html
<html>
<head>
<title>云计算</title>
</head>
<body>
<h2>this is test web</h2>
<img src="http://www.accp.com/game.jpg"/>
</body>
</html>3、搭建网站
4、修改首选DNS服务器地址
5、分别访问原网站和盗链网站
6、修改Nginx.conf文件
[root@localhost named]# vim /usr/local/nginx/conf/nginx.conf
location ~*\.(jpg|gif|swf)$ {
#支持格式
valid_referers none blocked *.accp.com accp.com;
#允许用accp.com为后缀访问
if ( $invalid_referer ) {
#判断是否被盗链
rewrite ^/ http://www.accp.com/error.png;
#判定被盗链就跳转错误图片
}
}
[root@localhost named]# cp /abc/error.png /usr/local/nginx/html/
[root@localhost named]# systemctl stop nginx
[root@localhost named]# systemctl start nginx7、再次访问盗链网页,验证防盗效果
感谢大家的一度支持!!
