FAQ

Page Discussion Edit History

HttpAccessKeyModuleChs

Revision as of 07:26, 21 December 2010 by Vica (Talk)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Contents

Synopsis 总述

This module is not distributed with the Nginx source. See the installation instructions.

此模块没有被包含在Nginx官方安装包中. 请看 安装介绍.

This module denies access unless the request URL contains an access key. Keys can correspond to remote IP addresses or other variables, so that downloads may be dynamically restricted to certain clients.

这个模块可以阻止所有URL中未包含合法访问令牌的访问(防盗链)。访问令牌可以由访问者IP或者其它服务器变量生成,所以可以很好地控制客户端的下载行为。

Example configuration: 配置实例: 

location /download {
  accesskey             on;
  accesskey_hashmethod  md5;
  accesskey_arg         "key";
  accesskey_signature   "mypass$remote_addr";
}

A client might then be directed to, e.g., http://example.com/download/file.zip?key=09093abeac094.

用户得到的下载地址可能像这样: http://example.com/download/file.zip?key=09093abeac094。

Directives 指令

accesskey

syntax: accesskey [on|off]

语句: accesskey [on|off]

default: accesskey off

默认: accesskey off

context: main, server, location

可以用在: main, server, location

Enables access-key restrictions.

开启 access-key 功能。

accesskey_arg

syntax: accesskey_arg "string"

语句: accesskey_arg "字符"

default: accesskey "key"

默认: accesskey "key"

context: main, server, location

可以用在: main, server, location

The URL that contains the access key.

URL中包含 access key 的GET参数。

accesskey_hashmethod

syntax: accesskey_hashmethod [md5|sha1]

语句: accesskey_hashmethod [md5|sha1]

default: accesskey_hashmethod md5

默认: accesskey_hashmethod md5(默认用 md5 加密)

context: main, server, location

可以用在: main, server, location

Whether to use MD5 or SHA-1 for key creation.

用 MD5 还是 SHA1 加密 access key。

accesskey_signature

syntax: accesskey_signature "string"

语句: accesskey_signature "字符"

default: accesskey_signature "$remote_addr"

默认: accesskey_signature "$remote_addr"

context: main, server, location

可用在: main, server, location

The string to hash to create an access key. Include the $remote_addr variable to make keys unique to client IP addresses. Be sure to include a secret phrase as well to protect the integrity of your keys. (E.g. "myPassWord$remote_addr".)

这个值用来生成 access key。(换句话说就是会用MD5或者SHA1加密这个值)。加入$remote_addr的原因是让 access key 与特定的机器联系(通过IP地址)。要注意加入你自己的密文来保护 acccess key,防止被人破解。(例如"myPassword$remote_addr"。)

Installation 安装

Download the module source here: File:Nginx-accesskey-2.0.3.tar.gz

先在这里下载模块源码: File:Nginx-accesskey-2.0.3.tar.gz

Unpack, edit the "config" file, replace "$HTTP_ACCESSKEY_MODULE" with "ngx_http_accesskey_module", and then compile nginx with:

解压,然后编辑 "config" 文件,将 "$HTTP_ACCESSKEY_MODULE""ngx_http_accesskey_module" 替换。然后编译: 

 ./configure --add-module=path/to/nginx-accesskey

Credits 开发人员

Originally developed for OWOX project

最初是为了这个网站开发的: OWOX 项目

Translation 翻译

Translationed by Dndx On Dec,5,2009.

由 Dndx 在 2009年12月5日 翻译。

Retrieved from "http://wiki.nginx.org/index.php?title=HttpAccessKeyModuleChs&oldid=456"