nginx启用ngx_http_referer_module模块配置图片防盗链

辛辛苦苦制作的博文配置被盗用，不仅浪费自己的心血，还浪费服务器的流量和带宽，着实气人，找到一个nginx图片防盗链的配置方法。

环境：

• nginx 1.14.0 ；
• CentOS 7.5 x64；

配置：

我的nginx安装过程基于这篇文章搭建：centos7通过编译源码的方式安装nginx，然后我的配置文件位于/etc/nginx/conf.d/4spaces.conf，增加下列配置：

location ~*\.(gif|jpg|jpeg|png|bmp|swf)$ {
    valid_referers none blocked server_names *.4spaces.org *.chinahol.com *.weiyanzixun.com *.aitlp.com ~\.google\. ~\.bing\.;
    expires 15d;
    if ($invalid_referer) {
        #return 403;
        rewrite ^/ https://i.loli.net/2019/03/29/5c9dc199caf82.jpg; 
    }   
}

完整配置：

server {
   listen 443 ssl http2;
   server_name 4spaces.org www.4spaces.org;
   index  index.php index.html index.htm;
   root   /usr/share/nginx/4spaces;
   add_header X-Frame-Options DENY;
   add_header X-Content-Type-Options nosniff;

   ssl_certificate /etc/letsencrypt/live/4spaces.org/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/4spaces.org/privkey.pem;
   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
   ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
   ssl_prefer_server_ciphers on;
   ssl_session_cache shared:SSL:10m;
   ssl_session_timeout 60m;

    location / {
        try_files $uri $uri/ /index.php?$args;  #修改内容
    }

    location ~*\.(gif|jpg|jpeg|png|bmp|swf)$ {
        valid_referers none blocked server_names *.4spaces.org *.chinahol.com *.weiyanzixun.com *.aitlp.com ~\.google\. ~\.bing\.;
        expires 30d;
        if ($invalid_referer) {
            #return 403;
            rewrite ^/ https://i.loli.net/2019/03/29/5c9dc199caf82.jpg; 
        }   
    }

    #修改此处内容支持php
    location ~ \.php$ {
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root/$fastcgi_script_name;
        include        fastcgi_params;
    }

}

参考：

1. Module ngx_http_referer_module；
2. Nginx配置图片防盗链；
3. ngx_http_referer_module模块；