Nginx Library

A repository of Nginx-related articles

Hotlink protection in Nginx

Hotlinked files can be a major cause for bandwidth leeching for some sites. Here’s how you can hotlink protect your images and other file types using a simple location directive in your Nginx configuration file :

location ~ \.(jpe?g|png|gif)$ {
     valid_referers none blocked mysite.com *.mysite.com;
     if ($invalid_referer) {
        return   403;
    }
}

Use the pipe (“|”) to separate file extensions you want to hotlink protect.

The valid_referers directive contains the list of site for whom hotlinking is allowed. Here is an explanation of the parameters for the valid_referers directive :

  • none - Matches the requests with no Referrer header.
  • blocked - Matches the requests with blocked Referrer header.
  • *.mydomain.com - Matches all the sub domains of mydomain.com. Since v0.5.33, * wildcards can be used in the server names.

You can also tweak the location directive for blocking files from a specific directory. Like this :

location /images/ {
     valid_referers none blocked mysite.com *.mysite.com;
     if ($invalid_referer) {
        return   403;
    }
}

This will hotlink protect every file in any images directory.

If you find this article helpful, please consider making a donation.

Comments