Ruby Forum NGINX > hotlink protection for wordpress

Hello,

I tried to add some rewrite rule to block hotlinking from other web 
sites.
But the rules don't work, I go to my site (e.g. domain1.com), the images
won't load at all (using wordpress as the cms). Is there anything wrong 
for
my conf file? Thanks.

server {
        listen      123.123.123.123:80;
        server_name domain1.com www.domain1.com;

        #charset koi8-r;

        access_log  /home/logs/domain1.com.log;
    error_log /home/logs/domain1.com.error.log;

        location / {
            root   /home/user/docs;
            index  index.php index.html index.htm;
            include /usr/local/nginx/conf/wp-rewrite;
}

 location ~ \.(jpg|jpeg|png|gif)$ {
       valid_referers www.domain1.com blocked none;
               if ($invalid_referer) {
                       rewrite  ^(.*)$ /wp-content/uploads/av.gif break;
               }
       }

        location /zp {

            root   /home/user/docs;
            index  index.php;
            include /usr/local/nginx/conf/zp-rewrite;
        }


        error_page  404              /404.html;
        location = /404.html {
            root   /usr/local/nginx/html;
        }

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/local/nginx/html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 
127.0.0.1:9000
        #
        location ~ \.php$ {
            root           /home/user/docs;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME
/home/user/docs$fastcgi_script_name;
            include        fastcgi_params;
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        location ~ /\.ht {
            deny  all;
        }
    }

On Mon, Feb 01, 2010 at 05:56:22PM +0800, Max wrote:

> Hello,
> 
> I tried to add some rewrite rule to block hotlinking from other web sites.
> But the rules don't work, I go to my site (e.g. domain1.com), the images
> won't load at all (using wordpress as the cms). Is there anything wrong for
> my conf file? Thanks.

Have you look in error log ? Probably, you should add "root" in

    location ~ \.(jpg|jpeg|png|gif)$ {
+        root   /home/user/docs;
         valid_referers www.domain1.com blocked none;
                if ($invalid_referer) {
                        rewrite  ^(.*)$ /wp-content/uploads/av.gif 
break;
                }
        }

Or you may set this "root" on the server level.

>             root   /home/user/docs;
> 
>             root   /usr/local/nginx/html;
>         #
>             fastcgi_param  SCRIPT_FILENAME
>     }
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx


--
Igor Sysoev
http://sysoev.ru/en/

Yep, yesterday, I got the same mistake.

It works after I put location *.gif section into location / section.

One who ask this question should check your error.log for information.

2010/2/2 Igor Sysoev <igor@sysoev.ru>:
> Have you look in error log ? Probably, you should add "root" in

--
Ren Xiaolei

I put this in the conf file and it works well now. I put it just under 
the
"access log line", I am not sure if I put it at the end of the conf, it
might not work.

location ~ \.(jpg|jpeg|png|gif)$ {
root /home/user/docs;
valid_referers none block server_names ~(domain1.com|google.);
if ($invalid_referer) {
rewrite  ^(.*)$ /wp-content/uploads/av.gif break;
               }
       }

You might also want to check this blog:
http://linuxsysadminblog.com/2009/08/using-wildcards-in-nginx-valid_referers/