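Cloudflare R2 object storage bucket with a custom domain bound to it for serving blog images through external links: security rules, custom security rules, and an expression rule for image hotlink protection.
Expression
Select Edit expression
Enter: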
(
http.request.uri.query contains "union select"
or http.request.uri.query contains "select%20"
or http.request.uri.query contains "sleep("
or http.request.uri.query contains "benchmark("
or http.request.uri.query contains "<script"
or http.request.uri.query contains "onerror="
or http.request.uri.query contains "onload="
or http.user_agent contains "sqlmap"
or http.user_agent contains "nikto"
or http.user_agent contains "nmap"
)
2 Set the CORS policy (complete, stable version)
R2 → Settings → CORS Policy
Enter:
[
  {
    "AllowedOrigins": [
      "https://zairun.com",
      "https://www.zairun.com"
    ],
    "AllowedMethods": [
      "GET",
      "HEAD",
      "PUT"
    ],
    "AllowedHeaders": [
      "*"
    ],
    "ExposeHeaders": [
      "ETag"
    ],
    "MaxAgeSeconds": 3600
  }
]
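To check what the CORS policy above actually grants before saving it, the following added example (not part of the original page, and not Cloudflare's code) evaluates the policy against constructed requests. The function name cors_headers and the sample origins are assumptions, and the matching is a model of standard CORS rule evaluation.

```python
import json

# The CORS policy from this page, embedded as-is.
POLICY = json.loads("""[{"AllowedOrigins": ["https://zairun.com", "https://www.zairun.com"],
 "AllowedMethods": ["GET", "HEAD", "PUT"], "AllowedHeaders": ["*"],
 "ExposeHeaders": ["ETag"], "MaxAgeSeconds": 3600}]""")

def cors_headers(policy, origin, method, request_headers=(), preflight=False):
    """Return the CORS response headers the first matching rule grants, or {}.

    Hypothetical helper: models standard CORS matching (exact origin, method,
    header allow-list). For a preflight, `method` is the requested method.
    """
    if origin is None:  # no Origin header: CORS is not involved at all
        return {}
    for rule in policy:
        origins = rule["AllowedOrigins"]
        if origin not in origins and "*" not in origins:
            continue  # scheme, host and port must match exactly
        if method not in rule["AllowedMethods"]:
            continue
        allowed = [h.lower() for h in rule.get("AllowedHeaders", [])]
        if "*" not in allowed and any(h.lower() not in allowed for h in request_headers):
            continue
        headers = {"Access-Control-Allow-Origin": origin, "Vary": "Origin"}
        if preflight:
            headers["Access-Control-Allow-Methods"] = ", ".join(rule["AllowedMethods"])
            if request_headers:
                headers["Access-Control-Allow-Headers"] = ", ".join(request_headers)
            headers["Access-Control-Max-Age"] = str(rule["MaxAgeSeconds"])
        elif rule.get("ExposeHeaders"):
            headers["Access-Control-Expose-Headers"] = ", ".join(rule["ExposeHeaders"])
        return headers
    return {}

if __name__ == "__main__":
    # Constructed sample requests: (origin, method, request headers, preflight)
    samples = [
        ("https://zairun.com", "GET", (), False),
        ("https://www.zairun.com", "PUT", ("content-type",), True),
        ("https://example.org", "GET", (), False),     # origin not listed
        ("https://zairun.com", "DELETE", (), True),    # method not listed
        (None, "GET", (), False),                      # no Origin header sent
    ]
    for origin, method, hdrs, pre in samples:
        result = cors_headers(POLICY, origin, method, hdrs, pre)
        print(origin, method, "->", result or "no CORS headers")
```

A request with no Origin header, such as a plain <img> embed, is served without any CORS decision, so this policy restricts cross-origin script access rather than image embedding.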