location ~*^.+\.(gif|jpg|jpeg|png|swf|fiv|rar|zip|doc|pdf|gz|bz2|bmp|xls)$
{
valid_referers none blocked server_name *.taobao.com *.baidu.com *.google.com *.google.cn *.soso.com;
#以上网站不做防盗链设置
if ($invalid_referer){
rewrite ^/ http://www.baidu/403.html;
return 403;
rewrite ^/http://www.baidu.com/nophoto.gif; #指定一个图片
}
}
访问控制(可用于负载均衡器对内网web服务器的访问)
server
{
listen 80;
server_name www.域名.com;
access_log /home/logs/bbs/access.log combined buffer=32k;
error_log /home/logs/bbs/error.log warn;
index index.html index.htm index.php;
root /usr/local/http;
allow 121.42.156.111; #允许这个ip访问
deny all; #除了allow项,deny所有的访问
}
nginx代理,负载均衡
主配置文件中修改
upstream bbs.非域名.com{
server 1.1.1.1:8080;
server 1.1.1.2:8080;
.....#上面是代理的内网web服务器ip
}
server {
listen 80;
server_name baidu.com; #用于访问的域名
proxy_pass bbs.非域名.com;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
access_log /home/logs/bbs.access combined;
}