how to forbidden other site stealing my forum attachment ?
Edho Arief
me at myconan.net
Mon Jun 20 05:55:39 UTC 2016
Hi,
On Mon, Jun 20, 2016, at 14:54, 二戒 wrote:
> sorry. I have found my forum can't show attachment now.
>
> blow is the nginx vhost config fles, where is the mistake?
>
> thank you.
>
> server
> {
> listen 80;
> server_name www.cnprint.org;
> index index.php index.html index.htm;
> root /home/website/cnprint;
> location /bbs/ {
> rewrite ^/bbs/((urllist|sitemap_).*\.(xml|txt)(\.gz)?)$
> /bbs/vbseo_sitemap/vbseo_getsitemap.php?sitemap=$1 last;
> try_files $uri $uri/ /bbs/vbseo.php?$args;
> }
>
> location ~ ^/bbs/.+\.php$ {
> fastcgi_pass 127.0.0.1:9000;
> fastcgi_param SCRIPT_FILENAME $document_root/bbs/vbseo.php;
> include fastcgi_params;
> }
>
> location = /bbs/attachment.php
> {
> valid_referers none blocked *.cnprint.org server_names ~\.google\.
> ~\.baidu\. ~\.360\. ~\.bing\.;
> if ($invalid_referer) {
> # return 403;
> rewrite ^.*$ http://www.cnprint.org;
> }
> }
If you read my message:
> 2. You need fastcgi stuff in the block as well otherwise it'll just return the attachment.php file.
More information about the nginx
mailing list