Reputation: 1464
Block requests via intermediate host names at nginx
I have a setup where users are supposed to send requests to A.com. Requests are sent to a CDN which further sends request to A-reader.com, and A-reader routes the request to nginx.
I want A-reader to be accessible only via CDN, so, the aim is to block any request where original request url is not A.com. If any user types A-reader.com/<anything> in browser address bar, requests should be blocked at nginx
Is this possible?
Upvotes: 0
Views: 1046
Answers (1)
Reputation: 4455
Yes - You can use the nginx http referrer module - http://nginx.org/en/docs/http/ngx_http_referer_module.html
In your case, since you only want to allow A.com, the configuration should be something like:
valid_referers *.A.com;
if ($invalid_referer) {
return 403;
}
You'll have to customize the valid referral list to match your domain.
Alternatively, you can do regex matching on $http_referer:
if ($http_referer ~* (babes|click|diamond|forsale|girl|jewelry|love|nudit|poker|porn))
{ return 403; }
(HTTP referer from https://calomel.org/nginx.html via How to block referral spam using Nginx?)
Upvotes: 1
Related Questions
- Nginx restrict domains
- How to make nginx process only the specified host (alocal, blocal), but ignore the "naked" ip address?
- How to block bots in Nginx by stopping Invalid Host Headers
- How do I restrict host only to specific URIs?
- How to configure nginx to refuse connection from a suspicious host?
- How to prevent nginx from responding on a specific subdomain
- Using Nginx to block IP's behind proxy
- Nginx - How to block all IPs except one
- Nginx block access to referring url
- Reject certain subdomains on port 80 on nginx