nginx with valid_referers with regular expression

jiangcaiyang

I need to limit my photo and other resources to my site only. So I choose nginx to do that. The script as written as follows:

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|mp4|avi|mkv)$
    {
            valid_referers none blocked server_names *.163.com *.126.com *.qq.com *.baidu.com ~qtdream\.com.*;
        if ( $invalid_referer ) {
        # 这里可以用rewrite来写其它的图片、网站和其它内容
            #rewrite ^/ https://qtdream.com;
            return 403;
        }
	    expires 30m;
    }

Here I'm using regular expression: ~qtdream\.com.*;, but it does not hit referer:

http://qtdream.com/stylesheet.css?v=390e8c43-7733-407b-8c6e-f33510d0e46b

Is there any way to hit the above referer? so the picture can be shown normally?

PitaJ

@jiangcaiyang you shouldn't need the .* at the end, and it leaves you open to something like qtdream.com.example.net I think.

jiangcaiyang

@PitaJ But . means any visible symbols and characters, and * means 0 or more times, this is not wildcard I think. I've tested the regular expresstion using Qt's QRegExp, but I still could not hit the referer:

http://qtdream.com/stylesheet.css?v=390e8c43-7733-407b-8c6e-f33510d0e46b

PitaJ

@jiangcaiyang have you tried just qtdream.com?

jiangcaiyang

@PitaJ Tried, but still 403.
Is there any convenient way to check if the rules are valid.
And there are few instances on regular expressions for nginx valid_referers.