Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
nginx frontend proxy for apache and hotlink protection
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

nginx frontend proxy for apache and hotlink protection

ndelaespadandelaespada Member, Provider

I have a server running nginx as frontend proxy for apache and i'm trying to configure hotlink protection, the server has mostly mp3s and hotlink is killing bw, I have the following in the site config file:

      location ~* (\.bin|\.zip|\.mp4|\.mp3|\.jpg|\.png)$ {
      valid_referers blocked mysite.com www.mysite.com *.google.com *.bing.com *.yahoo.com;
      if ($invalid_referer)  {
      return 405;
      }

but for some reason the only extension getting blocked is .bin, everything else loads without restriction.

Can anyone shed some light? I've tried several suggestions I've found on the net without any luck

owned-networks | ssd ddos protected kvm & openvz 7 | DAL - LA - SEA - NYC - MIA - AMS - LON
english, french & spanish support

Comments

  • I have never bothered much, if any, with hotlink protection, but I can tell you two things right off the bat:
    1) never ever blindly copy/paste configurations

    2) don't use "if" statements with Nginx; that is a really old, outdated, and bad way of doing things.

    That being said, check out http://www.kbeezie.com - he knows his way around Nginx, he works with us, and his is a Nginx contributor.

  • sleddogsleddog Member
    edited November 2013

    said: the only extension getting blocked is .bin

    Perhaps other extensions are being handled by other, prior, directives.

  • budi1413budi1413 Member
    edited November 2013

    You can simplify it like this:

    location ~ \.(bin|zip|mp4|mp3|jpg|png)$ {
     ...
    }
    
  • ndelaespadandelaespada Member, Provider

    @sleddog said:

    Thank was exactly it! thanks!

    @budi1413 said:
    You can simplify it like this:

    Thanks, just applied that change,

    owned-networks | ssd ddos protected kvm & openvz 7 | DAL - LA - SEA - NYC - MIA - AMS - LON
    english, french & spanish support

Sign In or Register to comment.