首页 > 代码库 > HTTP防盗链与反防盗链
HTTP防盗链与反防盗链
HTTP防盗链
通过上一次,我没对HTTP请求不再那么陌生了。防盗链无非就是别人来请求自己网站的信息,用于其他网站,那么如果我们能识别请求是来自那个网站,如果是外网,那么就重定向等其他处理。但在web服务器层面,服务器根据HTTP协议的Referer头信息来判断该请求是来自外网还是内网。到此基本了解原理。接下来进行操作。
-
加载重写模块
apache配置文件中去掉重写模块前 #
-
在需要防盗链的网站或目录,建 .htaccess 文件,写重写规则
RewriteEngine On
#对请求的文件是图片的需要重写 RewriteCond %{REQUEST_FILENAME} .*\.(jpg|jpeg|gif|png|html) [NC] #对网站外网访问进行重写
RewriteCond %{HTTP_REFERER} !localhost [NC] RewriteRule .* www.baidu.com
反防盗链
既然防盗链是通过头信息 Referer 来判断,那么我们就伪造一个头信息进行采集等操作。
class implement_socket implements php_socket { protected $http_tpye = ‘HTTP/1.1‘; protected $url = ‘‘; protected $request_type = ‘‘; protected $lines = ‘‘; protected $fsoket_open = ‘‘; protected $port = ‘‘; protected $errstr = ‘‘; protected $timeout = 0; public $parse_url = ‘‘; protected $content_type = ‘‘; protected $content_length = 0; protected $body = ‘‘; protected $header_info = array(); function __construct($url, $request_type = ‘‘, $port = 80, $timeout = 5) { $this->url = $url; $this->request_type = $request_type; $this->port = $port; $this->timeout = $timeout; $this->parse_url = parse_url($url); //链接 $this->connect(); } /* *设置请求行 * */ public function get() { $this->content_type = ‘text/html‘; $this->lines = $this->request_type . ‘ ‘ . $this->parse_url[‘path‘] . ‘ ‘ . $this->http_tpye; return $this->request(); } public function post($param) { //设置头信息 $this->content_type = ‘application/x-www-form-urlencoded‘; $data = $this->body_info($param); $this->header_info[] = ‘Content-Length:‘ . strlen($data); $this->lines = $this->request_type . ‘ ‘ . $this->parse_url[‘path‘] . ‘ ‘ . $this->http_tpye; $this->body = $data; return $this->request(); } public function request() { $getinfo = ‘‘; /*echo $this->lines . "\r\n" . implode("\r\n", $this->header_info) . " \n\r\n" . $this->body; exit();*/ //链接成功进行写入头信息 fwrite($this->fsoket_open, $this->lines . "\n" . implode("\n", $this->header_info) . "\n\r\n" . $this->body); while (!feof($this->fsoket_open)) { $getinfo .= fgets($this->fsoket_open, 2048); } fclose($this->fsoket_open); return $getinfo; } /* * 链接 * */ public function connect() { try { $this->fsoket_open = fsockopen($this->parse_url[‘host‘], $this->port, $this->errstr, $this->timeout); } catch (Exception $exception) { echo ‘connect is failed :‘ . $exception->getMessage() . ‘r\n‘ . $this->errstr; } } /* * 设置头信息 * */ public function header_info($head_arraay = array()) { $this->header_info = $head_arraay; } /* * 设置主体 * */ public function body_info($param = ‘‘) { // 生成 URL-encode 之后的请求字符串 return $param; } } //防盗链 $http = new implement_socket(‘http://localhost/smarty/explain.png‘, ‘GET‘); $http->header_info(array( ‘Referer:http://localhost/smarty/‘, "Host:" . $http->parse_url[‘host‘] )); //写入文件里 //echo strstr($http->get(),‘\r\n\r\n); file_put_contents(‘caiji.png‘,substr(strstr($http->get(),"\r\n\r\n"),4));
HTTP防盗链与反防盗链
声明:以上内容来自用户投稿及互联网公开渠道收集整理发布,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任,若内容有误或涉及侵权可进行投诉: 投诉/举报 工作人员会在5个工作日内联系你,一经查实,本站将立刻删除涉嫌侵权内容。