Prevent hotlinking (ngx_http_referer_module)

Igor Sysoev is at
Sun Dec 3 11:32:50 MSK 2006

> The english wiki page about ngx_http_referer_module is half-translated
> and I'm confused about the syntax. Can anyone help me with blocking
> hotlinking.
> I have a /photos/ folder with .jpeg files and I want only browsers with
> referer set to domain.tld and www.domain.tld to be able to access them.
> Pretty basic stuff.

    location ~* ^/photos/.+\.jpg$ {

    or (better)

    location /photos/ {
         valid_referers   none  blocked  domain.tld  www.domain.tld;

         if ($invalid_referer) {
             return   403;

The "none" means the absence of "Referer" header.
The "blocked" means masked "Referer" header by firewall, for example,
"Referer: XXXXXXX".

Igor Sysoev

More information about the nginx mailing list