Hotlink protection for wordpress

max · February 1, 2010, 11:19am

Hello,

I tried to add some rewrite rule to block hotlinking from other web
sites.
But the rules don’t work, I go to my site (e.g. domain1.com), the images
won’t load at all (using wordpress as the cms). Is there anything wrong
for
my conf file? Thanks.

server {
listen 123.123.123.123:80;
server_name domain1.com www.domain1.com;

    #charset koi8-r;

    access_log  /home/logs/domain1.com.log;
error_log /home/logs/domain1.com.error.log;

    location / {
        root   /home/user/docs;
        index  index.php index.html index.htm;
        include /usr/local/nginx/conf/wp-rewrite;

}

location ~ .(jpg|jpeg|png|gif)$ {
valid_referers www.domain1.com blocked none;
if ($invalid_referer) {
rewrite ^(.*)$ /wp-content/uploads/av.gif break;
}
}

    location /zp {

        root   /home/user/docs;
        index  index.php;
        include /usr/local/nginx/conf/zp-rewrite;
    }


    error_page  404              /404.html;
    location = /404.html {
        root   /usr/local/nginx/html;
    }

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/local/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on

127.0.0.1:9000
#
location ~ .php$ {
root /home/user/docs;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME
/home/user/docs$fastcgi_script_name;
include fastcgi_params;
}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ /\.ht {
        deny  all;
    }
}

max · February 1, 2010, 6:50pm

On Mon, Feb 01, 2010 at 05:56:22PM +0800, Max wrote:

Hello,

I tried to add some rewrite rule to block hotlinking from other web sites.
But the rules don’t work, I go to my site (e.g. domain1.com), the images
won’t load at all (using wordpress as the cms). Is there anything wrong for
my conf file? Thanks.

Have you look in error log ? Probably, you should add “root” in

location ~ \.(jpg|jpeg|png|gif)$ {

   root   /home/user/docs;
   valid_referers www.domain1.com blocked none;
          if ($invalid_referer) {
                  rewrite  ^(.*)$ /wp-content/uploads/av.gif

break;
}
}

Or you may set this “root” on the server level.

        root   /home/user/docs;

        root   /usr/local/nginx/html;
    #
        fastcgi_param  SCRIPT_FILENAME
}

nginx mailing list
[email protected]
nginx Info Page

–
Igor S.
http://sysoev.ru/en/

max · February 2, 2010, 8:51am

Yep, yesterday, I got the same mistake.

It works after I put location *.gif section into location / section.

One who ask this question should check your error.log for information.

2010/2/2 Igor S. [email protected]:

Have you look in error log ? Probably, you should add “root” in

–
Ren Xiaolei

max · February 4, 2010, 8:55am

I put this in the conf file and it works well now. I put it just under
the
“access log line”, I am not sure if I put it at the end of the conf, it
might not work.

location ~ .(jpg|jpeg|png|gif)$ {
root /home/user/docs;
valid_referers none block server_names ~(domain1.com|google.);
if ($invalid_referer) {
rewrite ^(.*)$ /wp-content/uploads/av.gif break;
}
}

You might also want to check this blog: