lua防盗链记录,lua防盗
lua防盗链记录,lua防盗
nginx.conf
worker_processes 1;
error_log logs/error.log debug;
events {
worker_connections 102400;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
lua_package_path '/usr/local/openresty/nginx/conf/lua/?.lua;;';
resolver 8.8.8.8;
server {
listen 127.0.0.1:8080;
server_name localhost;
location ~ on_play {
access_by_lua_block {
local domain_table = require "customer"
local domain_ftag = domain_table[ngx.var.arg_domain]
if domain_ftag then
local exec_ftag = require(domain_ftag)
return exec_ftag.run()
else
return ngx.exit(200)
end
}
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
customer.lua
local _M = {
-- sed start
-- sed stop
["域名"] = "publish"
}
return _M
publish.lua
local _M = { }
local secret_key = {"test_time",
"test"
}
function _M.time()
local time_out = 300
local time_now = os.time()
local ftag_t = ngx.var.arg_t
local t_switch = tonumber(ftag_t, 16)
if t_switch + time_out < time_now then
ngx.log(ngx.DEBUG, '[' .. " time_out:" .. time_out .. " + t:" .. t_switch .. " < time_now:" .. time_now .. ']')
return ngx.exit(403)
else
ngx.log(ngx.DEBUG, '[' .. " time_out:" .. time_out .. " t:" .. t_switch .. " time_now:" .. time_now .. ']')
end
end
function _M.ftag()
local ftag_t = ngx.var.arg_t
local arg_uri = ngx.var.arg_uri
local ftag_uri = arg_uri:match("/(.*)")
local ftag_md5 = ngx.var.arg_k
for i, k in pairs(secret_key) do
local default_key = k
local origin_code = default_key .. ftag_uri .. ftag_t
local secret_code = ngx.md5(origin_code)
if secret_code == ftag_md5 then
ngx.log(ngx.DEBUG, "[ " .. i .. " ]" .. " code: origin " .. '[' .. origin_code .. ']')
ngx.log(ngx.DEBUG, "[ " .. i .. " ]" .. " code: secret " .. '[' .. secret_code .. " = " .. ftag_md5 .. ']')
return ngx.exit(200)
else
ngx.log(ngx.DEBUG, "[ " .. i .. " ]" .. " code: origin " .. '[' .. origin_code .. ']')
ngx.log(ngx.DEBUG, "[ " .. i .. " ]" .. " code: secret " .. '[' .. secret_code .. " != " .. ftag_md5 .. ']')
end
end
return ngx.exit(403)
end
function _M.run()
_M.time()
_M.ftag()
end
return _M
评论暂时关闭