Nginx image filter + caching of results.

readme.txt

Nginx image filter + caching of results.

Supports dynamic thumbnails images sizes processing + caching results, simple to use.

Awesome!!!

nginx.conf

        location /resize {
                alias /tmp/nginx/resize;
                set $width 150;
                set $height 100;
                set $dimens "";

                if ($uri ~* "^/resize_(\d+)x(\d+)/(.*)" ) {
                        set $width  $1;
                        set $height $2;
                        set $image_path $3;
                        set $dimens "_$1x$2";
                }
                if ($uri ~* "^/resize/(.*)" ) {
                        set $image_path $1;
                }
                set $image_uri image_resize/$image_path?width=$width&height=$height;

                if (!-f $request_filename) {
                        proxy_pass http://127.0.0.1:8080/$image_uri;
                        break;
                }

                proxy_store          /tmp/nginx/resize$dimens/$image_path;
                proxy_store_access   user:rw  group:rw  all:r;
                proxy_temp_path      /tmp/images;
                proxy_set_header     Host $host;
        }

        location /image_resize {
                alias /path/to/media/;
                image_filter resize $arg_width $arg_height;
                image_filter_jpeg_quality 75;
                allow 127.0.0.0/8;
                deny all;
        }

How to prevent resource abuse or DDOS on this?

Hi! I use the following config:

 location /pics {
          alias /var/www/pics;
          set $width 500;
          set $height 500;
          set $dimens "";
​
          if ($uri ~* "^/pics_(\d+)x(\d+)/(.*)" ) {
                  set $width  $1;
                  set $height $2;
                  set $image_path $3;
                  set $demins "$1x$2";
          }
          if ($uri ~* "^/pics/(.*)" ) {
                  set $image_path $1;
          }
          set $image_uri image_resize/$image_path?width=$width&height=$height;
​
          if (!-f $request_filename) {
                  proxy_pass http://192.168.1.1/$image_uri;
                  break;
          }
          proxy_store          /var/www/pics/$demins/$image_path;
          proxy_store_access   user:rw  group:rw  all:r;
          proxy_temp_path      /tmp/images;
          proxy_set_header     Host $host;
​
  }
​
  location /image_resize {
          alias /var/www/pics;
          image_filter resize $arg_width $arg_height;
          image_filter_jpeg_quality 75;
          allow 127.0.0.0/8;
          allow 192.168.1.1/32;
          deny all;
  }

Resizing works. But cache not. The directory /var/www/pics/$demins/$image_path isn't created =(

Q: How to prevent resource abuse or DDOS on this?

• I think you should set the width and height parameters in the url, i.e. image_resize/100x100/{image_path}

• and either parse the image width and height or make specific locations for desired image sizes

• And limit the available width/heights so people cannot enter width=10000 etc..

• In combination with caching this should provide some protection

• Configure nginx to limit the max request rate for an ipfor the image endpoints, i.e. @see https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/

Howto remove ratio when i using image_filter resize w_size h_size? I think sometimes it must specific exactly width and hieght of picture.

There is a typo since version 1. :)

set $dimens "";
      ^

set $demins "$1x$2";
      ^

proxy_store /var/www/pics/$demins/$image_path;
                            ^

Should be $dimens everywhere I believe.

oh, lol! @cadavre thanks!