I am trying to figure out how to enable hotlinking on my site in nginx but it doesn’t seem to be working. Here is the code for my configuration. I don’t want people direct access to .mp3 .jpg
Here is the code below for the configuration
include forge-conf/mydomain.com/before/*;
server {
listen 80;
listen [::]:80;
server_name mydomain.com;
root /home/forge/mydomain.com/public;
# FORGE SSL (DO NOT REMOVE!)
# ssl_certificate;
# ssl_certificate_key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparams.pem;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/mydomain.com/server/*;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/mydomain.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
}
#Prevent hotlinking
location ~* (\.jpg|\.png|\.css|\.mp3)$ {
valid_referers blocked mydomain.com www.mydomain.com;
if ($invalid_referer) {
return 444;
}
}
location ~ /\.ht {
deny all;
}
}
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/mydomain.com/after/*;
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Instead of this line:
location ~* (\.jpg|\.png|\.css|\.mp3)$ {
Try using:
location ~ .(jpe?g|png|css|mp3)$ {
The above will cover jpeg, jpg, png, css, and mp3. You can extend that list by simply adding a new |ext where ext is the extension of the file without the . or \ used in your current.
I tried that. Didn’t work. Here is the configuration.
location ~ .(jpe?g|png|css|mp3)$ {
valid_referers none blocked mydomain.com www.mydomain.com;
if ($invalid_referer) {
return 444; # or 403 Forbidden
}
}
i got the following error
2017/03/10 20:40:14 [emerg] 1742#1742: conflicting parameter “mydomain.com” in /etc/nginx/sites-enabled/mydomain.com:77
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.