How to forbidden other site stealing my forum attachment?

Rafa_F · June 20, 2016, 7:20am

Hello everyone,

My forum posts and attachments have been stolen much more by other site.
and I write a nginx rule to prevent, without success, please guide.

example this forum:
http://dysmyh.com/thread-41217-1-1.html

and my attachments url as
http://www.cnprint.org/bbs/attachment.php?attachmentid=205810&d=1359965752

and my forum domain is www.cnprint.org, and forum script put into /bbs/
directory.

now I forbidden others site show my attachment, this rule don’t work,
please help me.

I think should this line “location ~* ^/bbs/attachment+.php?$” has
mistake, but I can’t resolve it.

location ~* ^/bbs/attachment+.php?$
{
valid_referers none blocked *.cnprint.org server_names ~.google.
~.baidu. ~.360. ~.bing.;
if ($invalid_referer) {

return 403;

rewrite ^.*$ http://www.cnprint.org;
}
}

casper_the_ghost · June 20, 2016, 7:31am

Hi,

On Mon, Jun 20, 2016, at 14:20, 二戒 wrote:

}
}

There’s probably another regexp location block matching the url
before this block is defined (something like location ~ \.php$ { })
and definition order matters in regexp location.
You need fastcgi stuff in the block as well otherwise it’ll just
return the attachment.php file.
The regexp, while does match /bbs/attachment.php fine, it is a bit
confusing since it also matches /bbs/attachmentttttttt.ph .

3.1. might as well use exact match (location = /bbs/attachment.php { }).

casper_the_ghost · June 20, 2016, 7:54am

sorry. I have found my forum can’t show attachment now.

blow is the nginx vhost config fles, where is the mistake?

thank you.

server
{
listen 80;
server_name www.cnprint.org;
index index.php index.html index.htm;
root /home/website/cnprint;
location /bbs/ {
rewrite ^/bbs/((urllist|sitemap_).*.(xml|txt)(.gz)?)$
/bbs/vbseo_sitemap/vbseo_getsitemap.php?sitemap=$1 last;
try_files $uri $uri/ /bbs/vbseo.php?$args;
}

location ~ ^/bbs/.+.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root/bbs/vbseo.php;
include fastcgi_params;
}

location = /bbs/attachment.php
{
valid_referers none blocked *.cnprint.org server_names ~.google.
~.baidu. ~.360. ~.bing.;
if ($invalid_referer) {

return 403;

rewrite ^.*$ http://www.cnprint.org;
}
}

location ~ .*.php?$
{
try_files $uri =404;
include fastcgi.conf;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
}

location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}

}

2016-06-20 13:45 GMT+08:00 二戒 [email protected]:

casper_the_ghost · June 20, 2016, 7:56am

Hi,

On Mon, Jun 20, 2016, at 14:54, 二戒 wrote:

index index.php index.html index.htm;
include fastcgi_params;
}
If you read my message:

casper_the_ghost · June 20, 2016, 7:46am

Edho A. ,

thank you very much.
it’s work fine now.
have a good day, thank again.

2016-06-20 13:30 GMT+08:00 Edho A. [email protected]:

casper_the_ghost · June 20, 2016, 8:10am

Hello,Edho A.
sorry, just be not careful to understand.
It’s ok now, thank again.

2016-06-20 13:55 GMT+08:00 Edho A. [email protected]: