Configuring nginx block cross origin of p2p drive tool – anti-stealing link

The theory for implementation is as follows

  1. Put the link embed domain and allowed domains to stream into the tool’s config file
  2. Configure nginx to block other embed pages

I instructed 2 steps on the extract as below

1.Put the link embed domain and allowed domains to stream into the tool’s config file

The tool’s config file is located in the /root/p2pdrive/p2p-drive.config.json path, which will look like the image below.

You pay attention to the location where you put the arrow, which is where we will place the link embed domain and the domains that are allowed to stream into.

For example, if I have the link embed domain “p2p.vanlongstream.com” and will have two domains called vanlongstream.com and streamservice.online allowed to stream, I will do the following:

Now we just need to save the config file and use the following command to restart the tool as the tool will receive the config

cd /root/p2pdrive
./kill-tool.sh
./setup-init.sh
cp /etc/nginx/nginx.conf.old /etc/nginx/nginx.conf
nginx -s reload
./run.sh

Note: If you do not use your embed but use the m3u8 link to stream, just do what is above enough, do not need to do step 2 here! But using the m3u8 link, I have to setup it like my embed file, I advise you to use embed format.

2. Configure nginx to block other embed pages

Embed page for tool play will take the form
https://your-sub-stream-domain/public/dist/index.html

So you use the following method to block other websites embed in your embed page

In config nginx I configure the default for you at /etc/nginx/nginx.conf, edit the block / public as follows

location /public {
	root /root/p2pdrive;
	valid_referers blocked server_names
        domain1 domain2 your-sub-stream-domain;
	if ($invalid_referer) {
		return 403;
	}		
}

In above, domain1, domain2 is the domain that you allow to stream,
your-sub-stream-domain is the domain of the url that is used for embed. For example if I give 2 streamed domains vanlongstream.com and streamservice.online and domain of embed url is p2p.vanlongstream.com, then configure the segment The above will be

location /public  {
          root /root/p2pdrive;
          valid_referers blocked server_names
          vanlongstream.com streamservice.online p2p.vanlongstream.com;
          if ($invalid_referer) {
            return 403;
          }
}

If you want to allow all sub domains to be streamed, the configuration will be

location /public {
          root /root/p2pdrive;
          valid_referers blocked server_names
          vanlongstream.com *.vanlongstream.com streamservice.online *.streamservice.online p2p.vanlongstream.com;
          if ($invalid_referer) {
            return 403;
          }
}

After editing as above, you need to save nginx config file and reload nginx following the following command

nginx -t
nginx -s reload

So, step 2, now only the domains are allowed to embed the embed page of you

Final: When you complete the above 2 steps, you have completed the fight against other websites stealing your link, wish you success, I’m ready to support you, don’t be afraid to inbox when you need it!